# List of security hacking incidents

> Mediated Wiki article. Canonical URL: https://mediated.wiki/source/List_of_security_hacking_incidents
> Markdown URL: https://mediated.wiki/source/List_of_security_hacking_incidents.md
> Source: https://en.wikipedia.org/wiki/List_of_security_hacking_incidents
> Source revision: 1356404687
> License: Creative Commons Attribution-ShareAlike 4.0 International (https://creativecommons.org/licenses/by-sa/4.0/)

This article may require copy editing for grammar and capitalization, especially for the sections on more modern hacking incidents. You can assist by editing it. (March 2026) (Learn how and when to remove this message)

This **list of security hacking incidents** covers important or noteworthy events in the history of [security hacking](/source/Security_hacker) and [cracking](/source/Security_hacker#cracker).

## 1900

### 1903

- Magician and inventor [Nevil Maskelyne](/source/Nevil_Maskelyne_(magician)) disrupts [John Ambrose Fleming](/source/John_Ambrose_Fleming)'s public demonstration of [Guglielmo Marconi](/source/Guglielmo_Marconi)'s purportedly secure [wireless telegraphy](/source/Wireless_telegraphy) technology, sending insulting [Morse code](/source/Morse_code) messages through the auditorium's projector.[1]

## 1930s

### 1932

- Polish cryptologists [Marian Rejewski](/source/Marian_Rejewski), [Henryk Zygalski](/source/Henryk_Zygalski) and Jerzy Różycki broke the [Enigma machine](/source/Cryptanalysis_of_the_Enigma) code.

### 1939

- [Alan Turing](/source/Alan_Turing), [Gordon Welchman](/source/Gordon_Welchman) and [Harold Keen](/source/Harold_Keen) worked together to develop the codebreaking device [Bombe](/source/Bombe) (based off of Rejewski's work on [Bomba](/source/Bomba_(cryptography))). The [Enigma machine](/source/Enigma_machine)'s use of a reliably small key space makes it vulnerable to brute force attacks.

## 1940s

### 1943

- [René Carmille](/source/Ren%C3%A9_Carmille), [comptroller](/source/Comptroller) general of the [Vichy French](/source/Vichy_France) Army, hacked the [punch card](/source/Punch_card) system used by the Nazis to locate Jews.[2]

### 1949

- The theory that underlies computer viruses was first made public in 1949, when computer pioneer [John von Neumann](/source/John_von_Neumann) presented a paper titled "Theory and Organization of Complicated Automata". In the paper, von Neumann speculated that computer programs could reproduce themselves.[3]

## 1950s

### 1955

- At [MIT](/source/MIT), "hack" first came to mean playing with machines. An April 1955 meeting of the [Tech Model Railroad Club](/source/Tech_Model_Railroad_Club) has one say that "Mr. Eccles requests that anyone working or hacking on the electrical system turn the power off to avoid fuse blowing."[4]

### 1957

- Joe "[Joybubbles](/source/Joybubbles)" Engressia, a blind seven-year-old boy with perfect pitch, discovered that whistling the fourth E above middle C (a frequency of 2600 Hz) would interfere with AT&T's automated telephone systems, thereby inadvertently opening the door for [phreaking](/source/Phreaking).

## 1960s

- Various [phreaking boxes](/source/Phreaking_boxes) are used to interact with automated telephone systems.[*[citation needed](https://en.wikipedia.org/wiki/Wikipedia:Citation_needed)*]

### 1963

- The first ever reference to malicious [hacking](/source/Security_hacker) is '[phreaking](/source/Phreaking)' in [MIT](/source/Massachusetts_Institute_of_Technology)'s student newspaper, *The Tech*, containing hackers tying up the lines with [Harvard](/source/Harvard_University), configuring the [PDP-1](/source/PDP-1) to make free calls, [war dialing](/source/War_dialing) and accumulating large phone bills.[5][6][7]

### 1965

- William D. Mathews from [MIT](/source/MIT) finds a vulnerability in a **[CTSS](/source/Compatible_Time-Sharing_System)** running on an [IBM 7094](/source/IBM_7094). The standard text editor on the system was designed to be used by one user at a time, working in one directory, and so it created a temporary file with a constant name for all instances of the editor. The flaw was discovered when two system programmers were editing at the same time and the temporary files for the message of the day and the password file became swapped, causing the contents of the system CTSS password file to display to any user logging into the system.[8][9][10]

### 1967

- The first known incidence of network penetration hacking took place when members of a computer club at a suburban Chicago high school were provided access to IBM's [APL](/source/APL_(programming_language)) network. In the fall of 1967, IBM (through [Science Research Associates](/source/Science_Research_Associates)) approached [Evanston Township High School](/source/Evanston_Township_High_School) with the offer of four [2741 Selectric teletypewriter](/source/IBM_2741)-based terminals with dial-up modem connectivity to an experimental computer system which implemented an early version of the APL programming language. The APL network system was structured into workspaces which were assigned to various clients using the system. Working independently, the students quickly learned the language and the system. They were free to explore the system, often using existing code available in public workspaces as models for their own creations. Eventually, curiosity drove the students to explore the system's wider context. This first informal network penetration effort was later acknowledged as helping harden the security of one of the first publicly accessible networks:[11] Science Research Associates undertook to write a full APL system for the [IBM 1500](/source/IBM_1500). They modeled their system after [APL/360](/source/APL%2F360), which had by that time been developed and seen substantial use inside of IBM, using code borrowed from MAT/1500 where possible. In their documentation, they acknowledge their gratitude to "a number of high school students for their compulsion to bomb the system". This was an early example of a kind of sportive, but very effective, debugging that was often repeated in the evolution of APL systems.

## 1970s

### 1971

- [John T. Draper](/source/John_Draper) (later nicknamed Captain Crunch), his friend Joe Engressia (also known as [Joybubbles](/source/Joybubbles)), and [blue box](/source/Blue_box) phone [phreaking](/source/Phreaking) hit the news with an *[Esquire](/source/Esquire_(magazine))* magazine feature story.[12]

### 1979

- [Kevin Mitnick](/source/Kevin_Mitnick) breaks into his first major computer system, the Ark, which was the computer system [Digital Equipment Corporation](/source/Digital_Equipment_Corporation) (DEC) used for developing their [RSTS/E](/source/RSTS%2FE) operating system software.[13]

## 1980s

v t e Hacking in the 1980s ← 1970s Timeline of security hacking incidents Timeline of computer viruses and worms 1990s → Individuals Daniel Sentinelli Fernando Bonsembiante Justin Tanner Petersen Kevin Mitnick Lewis De Payne Lenny DiCicco Markus Hess Hans Heinrich Hübner Pablo Kleinman Raúl Barragán Susan Headley Groups The 414s Piratas Unidos Argentinos Malware 4K AIDS Trojan horse AIDS virus Alabama ANTI Brain Byte Bandit Cascade Christmas Tree EXEC CyberAIDS EGABTR Elk Cloner Father Christmas Festering Hate Ghostball HyperCard viruses Jerusalem Lamer Exterminator MacMag Morris nVIR Ping-Pong SCA Scores Stoned Virdem WANK

### 1980

- The [FBI](/source/FBI) investigates a breach of security at [National CSS](/source/National_CSS) (NCSS). *[The New York Times](/source/The_New_York_Times)*, reporting on the incident in 1981, describes hackers as:[14]

- Technical experts, skilled, often young, computer programmers who almost whimsically probe the defenses of a computer system, searching out the limits and the possibilities of the machine. Despite their seemingly subversive role, hackers are a recognized asset in the computer industry, often highly prized.

- The newspaper describes [white hat](/source/White_hat_(computer_security)) activities as part of a "mischievous but perversely positive 'hacker' tradition". When a National CSS employee revealed the existence of his [password cracker](/source/Password_cracker), which he had used on customer accounts, the company chastised him not for writing the software but for not disclosing it sooner. The letter of reprimand stated that "The Company realizes the benefit to NCSS and in fact encourages the efforts of employees to identify security weaknesses to the VP, the directory, and other sensitive software in files".[14]

### 1981

- [Chaos Computer Club](/source/Chaos_Computer_Club) forms in Germany.[*[citation needed](https://en.wikipedia.org/wiki/Wikipedia:Citation_needed)*]

- Ian Murphy, aka Captain Zap, was the first cracker to be tried and convicted as a felon. Murphy broke into AT&T's computers in 1981 and changed the internal clocks that metered billing rates. People were getting late-night discount rates when they called at midday. Of course, the bargain-seekers who waited until midnight to call long distance were hit with high bills.[15]

### 1983

- [The 414s](/source/The_414s) break into 60 computer systems at institutions ranging from the [Los Alamos National Laboratory](/source/Los_Alamos_National_Laboratory) to Manhattan's [Memorial Sloan-Kettering Cancer Center](/source/Memorial_Sloan-Kettering_Cancer_Center).[16] The incident appeared as the cover story of *[Newsweek](/source/Newsweek)* with the title "Beware: Hackers at play".[17] As a result, the [U.S. House of Representatives](/source/U.S._House_of_Representatives) held hearings on computer security and passed several laws.[*[citation needed](https://en.wikipedia.org/wiki/Wikipedia:Citation_needed)*]

- The group [KILOBAUD](/source/P.H.I.R.M.) is formed in February, kicking off a series of other hacker groups that formed soon after.[*[citation needed](https://en.wikipedia.org/wiki/Wikipedia:Citation_needed)*]

- The movie *[WarGames](/source/WarGames)* introduces the wider public to the phenomenon of hacking and creates a degree of mass paranoia about hackers and their supposed abilities to bring the world to a screeching halt by launching nuclear [ICBMs](/source/ICBM).[18]

- The [U.S. House of Representatives](/source/U.S._House_of_Representatives) begins hearings on computer security hacking.[19]

- In his [Turing Award](/source/Turing_Award) lecture, [Ken Thompson](/source/Ken_Thompson) mentions "hacking" and describes a security exploit that he calls a "[Trojan horse](/source/Trojan_horse_(computing))".[20]

### 1984

- Someone calling himself [Lex Luthor](/source/Lex_Luthor) founds the [Legion of Doom](/source/Legion_of_Doom_(hacking)). Named after a Saturday morning cartoon, the LOD had the reputation of attracting "the best of the best"—until one of the most talented members called [Phiber Optik](/source/Phiber_Optik) feuded with Legion of Doomer [Erik Bloodaxe](/source/Erik_Bloodaxe_(hacker)) and got 'tossed out of the clubhouse'. Phiber's friends formed a rival group, the [Masters of Deception](/source/Masters_of_Deception).[*[citation needed](https://en.wikipedia.org/wiki/Wikipedia:Citation_needed)*]

- The [Comprehensive Crime Control Act](/source/Comprehensive_Crime_Control_Act) gives the Secret Service jurisdiction over [computer fraud](/source/Computer_fraud).

- The [Cult of the Dead Cow](/source/Cult_of_the_Dead_Cow) forms in [Lubbock, Texas](/source/Lubbock%2C_Texas), and begins publishing its [underground ezine](/source/Underground_ezine).

- The [hacker](/source/Hacker_(computer_security)) magazine *2600* begins regular publication, right when [TAP](https://en.wikipedia.org/w/index.php?title=Technical_Assistance_Program&action=edit&redlink=1) was putting out its final issue. The editor of *2600*, "[Emmanuel Goldstein](/source/Emmanuel_Goldstein)" (whose real name is [Eric Corley](/source/Eric_Corley)), takes his handle from the leader of the resistance in [George Orwell](/source/George_Orwell)'s *[Nineteen Eighty-Four](/source/Nineteen_Eighty-Four)*. The publication provides tips for would-be hackers and phone phreaks, as well as commentary on the hacker issues of the day. Today, copies of *2600* are sold at most large retail bookstores.[*[citation needed](https://en.wikipedia.org/wiki/Wikipedia:Citation_needed)*]

- The [Chaos Communication Congress](/source/Chaos_Communication_Congress), the annual European hacker conference organized by the [Chaos Computer Club](/source/Chaos_Computer_Club), is held in [Hamburg](/source/Hamburg), Germany.[*[citation needed](https://en.wikipedia.org/wiki/Wikipedia:Citation_needed)*]

- [William Gibson](/source/William_Gibson)'s groundbreaking science fiction novel *[Neuromancer](/source/Neuromancer)*, about "Case", a futuristic computer hacker, is published. Considered the first major [cyberpunk](/source/Cyberpunk) novel, it brought into hacker jargon such terms as "[cyberspace](/source/Cyberspace)", "the matrix", "simstim", and "[ICE](/source/Intrusion_Countermeasures_Electronics)".[*[citation needed](https://en.wikipedia.org/wiki/Wikipedia:Citation_needed)*]

### 1985

- [KILOBAUD](/source/P.H.I.R.M.) is re-organized into [P.H.I.R.M.](/source/P.H.I.R.M.) and begins [sysopping](/source/Sysop) hundreds of [bulletin board systems](/source/Bulletin_board_system) (BBSs) throughout the United States, Canada, and Europe.[*[citation needed](https://en.wikipedia.org/wiki/Wikipedia:Citation_needed)*]

- The online 'zine *[Phrack](/source/Phrack)* is established.[*[citation needed](https://en.wikipedia.org/wiki/Wikipedia:Citation_needed)*]

- *[The Hacker's Handbook](/source/The_Hacker's_Handbook)* is published in the UK.[21]

- The FBI, Secret Service, Middlesex County NJ Prosecutor's Office and various local law enforcement agencies execute seven search warrants concurrently across New Jersey on July 12, 1985, seizing equipment from BBS operators and users alike for "complicity in computer theft",[22] under a newly passed, and yet untested criminal statute.[23] This is famously known as the Private Sector Bust,[24] or the 2600 BBS Seizure,[25] and implicated the Private Sector BBS sysop, Store Manager (also a BBS sysop), Beowulf, Red Barchetta, The Vampire, the NJ Hack Shack BBS sysop, and the Treasure Chest BBS sysop.[*[citation needed](https://en.wikipedia.org/wiki/Wikipedia:Citation_needed)*]

### 1986

- After more and more break-ins to [government](/source/Government) and [corporate](/source/Corporation) computers, Congress passes the [Computer Fraud and Abuse Act](/source/Computer_Fraud_and_Abuse_Act), which makes it a crime to break into computer systems. The law, however, does not cover juveniles.[*[citation needed](https://en.wikipedia.org/wiki/Wikipedia:Citation_needed)*][26]

- [Robert Schifreen](/source/Robert_Schifreen) and [Stephen Gold](/source/Stephen_Gold) are convicted of accessing the [Telecom Gold](/source/Telecom_Gold) account belonging to the [Duke of Edinburgh](/source/Prince_Philip%2C_Duke_of_Edinburgh) under the [Forgery and Counterfeiting Act 1981](/source/Forgery_and_Counterfeiting_Act_1981) in the United Kingdom, the first conviction for illegally accessing a computer system. On appeal, the conviction is overturned as hacking is not within the legal definition of forgery.[27]

- Arrest of a hacker who calls himself The Mentor. He published a now-famous treatise shortly after his arrest that came to be known as the [Hacker Manifesto](/source/Hacker_Manifesto) in the e-zine [Phrack](/source/Phrack). This still serves as the most famous piece of hacker literature and is frequently used to illustrate the mindset of hackers.

- Astronomer [Clifford Stoll](/source/Clifford_Stoll) plays a pivotal role in tracking down hacker [Markus Hess](/source/Markus_Hess), events later covered in Stoll's 1990 book *[The Cuckoo's Egg](/source/The_Cuckoo's_Egg)*.[28]

### 1987

- The [Christmas Tree EXEC](/source/Christmas_Tree_EXEC) "worm" causes major disruption to the [VNET](/source/VNET), [BITNET](/source/BITNET) and [EARN](/source/European_Academic_Research_Network) networks.[29]

### 1988

- The *[Morris Worm](/source/Morris_Worm)*. Graduate student Robert T. Morris Jr. of Cornell University launches a worm on the government's ARPAnet (precursor to the Internet).[30][31] The worm spreads to 6,000 networked computers, clogging government and university systems. Robert Morris is dismissed from Cornell, sentenced to three years' probation, and fined $10,000.[32]

- [First National Bank of Chicago](/source/First_National_Bank_of_Chicago) is the victim of $70 million computer theft.

- The [Computer Emergency Response Team](/source/CERT_Coordination_Center) (CERT) is created by [DARPA](/source/DARPA) to address [network security](/source/Network_security).

- The [Father Christmas (computer worm)](/source/Father_Christmas_(computer_worm)) spreads over [DECnet](/source/DECnet) networks.

### 1989

- [Jude Milhon](/source/Jude_Milhon) (aka St Jude) and [R. U. Sirius](/source/R._U._Sirius) launch *[MONDO 2000](/source/MONDO_2000)*, a major '90s tech-lifestyle magazine, in [Berkeley, California](/source/Berkeley%2C_California).

- The politically motivated [WANK worm](/source/WANK_(computer_worm)) spreads over [DECnet](/source/DECnet).

- Dutch magazine [Hack-Tic](/source/Hack-Tic) begins.

- [The Cuckoo's Egg](/source/The_Cuckoo's_Egg) by Clifford Stoll is published.

- The detection of [AIDS (Trojan horse)](/source/AIDS_(Trojan_horse)) is the first instance of a ransomware detection.

## 1990s

v t e Hacking in the 1990s ← 1980s Timeline of security hacking incidents Timeline of computer viruses and worms 2000s → Incidents Moonlight Maze Operation CyberSnare Operation Sundevil Groups globalHell Global kOS L0pht Level Seven Milw0rm MOD Individuals Mark Abene Dark Avenger Erik Bloodaxe Jean-Bernard Condat Lewis De Payne Jonathan James Elias Ladopoulos Kevin Mitnick Justin Tanner Petersen Ehud Tenenbaum John Threat YTCracker Steven Games Malware 1260 5lo ABC Abraxas Acid Acme Ada AGI-Plan Alcon Ambulance AntiCMOS AntiEXE ARCV-n Barrotes Bliss Bomber BonziBuddy Casino CIH CTX Eliza ExploreZip Form Happy99 Hare KoKo KAK Melissa Michelangelo Natas OneHalf Ontario Scott's Valley Staog Sub7 Twelve Tricks Virus Creation Laboratory Whale

### 1990

- [Operation Sundevil](/source/Operation_Sundevil) introduced. After a prolonged sting investigation, Secret Service agents swoop down on organizers and prominent members of BBSs in 14 U.S. cities including the [Legion of Doom](/source/Legion_of_Doom_(hacking)), conducting early-morning raids and arrests. The arrests involve and are aimed at cracking down on credit-card theft and telephone and wire fraud. The result is a breakdown in the hacking community, with members informing on each other in exchange for immunity. The offices of [Steve Jackson Games](/source/Steve_Jackson_Games) are also raided, and the [role-playing](/source/Role-playing_game) sourcebook [GURPS Cyberpunk](/source/GURPS_Cyberpunk) is confiscated, possibly because the government fears it is a "handbook for computer crime". Legal battles arise that prompt the formation of the [Electronic Frontier Foundation](/source/Electronic_Frontier_Foundation), including the trial of [Knight Lightning](/source/Craig_Neidorf).

- Australian federal police tracking *Realm* members *[Phoenix](/source/Nahshon_Even-Chaim)*, *[Electron](/source/Electron_(computer_hacker))* and *Nom* are the first in the world to use a remote data intercept to gain evidence for a computer crime prosecution.[33]

- The [Computer Misuse Act 1990](/source/Computer_Misuse_Act_1990) is passed in the United Kingdom, criminalising any unauthorised access to computer systems.

### 1992

- Release of the movie *[Sneakers](/source/Sneakers_(1992_film))*, in which security experts are blackmailed into stealing a universal decoder for [encryption](/source/Encryption) [systems](/source/System).

- One of the first ISPs, [MindVox](/source/MindVox), opens to the public.

- Bulgarian virus writer [Dark Avenger](/source/Dark_Avenger) wrote [1260](/source/1260_(computer_virus)), the first known use of [polymorphic code](/source/Polymorphic_code), used to circumvent the type of pattern recognition used by [antivirus software](/source/Antivirus_software), and nowadays also [intrusion detection systems](/source/Intrusion_detection_system).[*[citation needed](https://en.wikipedia.org/wiki/Wikipedia:Citation_needed)*][26][34]

- Publication of a hacking instruction manual for penetrating [TRW credit](/source/TRW_Credit) reporting agency by Infinite Possibilities Society (IPS) gets Dr. Ripco, the sysop of Ripco BBS mentioned in the IPS manual, arrested by the [United States Secret Service](/source/United_States_Secret_Service).[35]

### 1993

- The first [DEF CON](/source/DEF_CON) hacking conference takes place in [Las Vegas](/source/Las_Vegas%2C_Nevada). The conference is meant to be a one-time party to say good-bye to BBSs (now replaced by the Web), but the gathering was so popular it became an annual event.

- [AOL](/source/AOL) gives its users access to [Usenet](/source/Usenet), precipitating [Eternal September](/source/Eternal_September).

### 1994

- Summer: [Russian](/source/Russia) [crackers](/source/Hacker_(computer_security)) siphon $10 million from Citibank and transfer the money to bank accounts around the world. [Vladimir Levin](/source/Vladimir_Levin_(hacker)), the 30-year-old [ringleader](https://en.wiktionary.org/wiki/ringleader), used his work laptop after hours to transfer the funds to accounts in Finland and [Israel](/source/Israel). Levin stands trial in the United States and is sentenced to three years in prison. Authorities recover all but $400,000 of the stolen money.

- Hackers adapt to emergence of the [World Wide Web](/source/World_Wide_Web) quickly, moving all their how-to information and hacking programs from the old BBSs to new hacker [web sites](/source/Web_site).

- [AOHell](/source/AOHell) is released, a [freeware](/source/Freeware) [application](/source/Application_software) that allows a burgeoning community of unskilled [script kiddies](/source/Script_kiddie) to wreak havoc on [America Online](/source/America_Online). For days, hundreds of thousands of AOL users find their mailboxes flooded with multi-megabyte [email bombs](/source/Email_bomb) and their chat rooms disrupted with [spam](/source/Spamming) messages.

- December 27: After experiencing an [IP spoofing](/source/IP_spoofing) attack by [Kevin Mitnick](/source/Kevin_Mitnick), computer security expert [Tsutomu Shimomura](/source/Tsutomu_Shimomura) started to receive prank calls that popularized the phrase "[My kung fu is stronger than yours](/source/My_kung_fu_is_stronger_than_yours)".[36]

### 1995

- The movies *[The Net](/source/The_Net_(1995_film))* and *[Hackers](/source/Hackers_(film))* are released.

- The Canadian ISP dlcwest.com is hacked and website replaced with a graphic and the caption "You've been hacked MOFO"

- The US Secret Service raid 12 and arrest 6 cellular phone hackers in [Operation Cybersnare](/source/Operation_Cybersnare)

- February 22: The [FBI](/source/FBI) raids the "Phone Masters".[37]

### 1996

- Hackers alter Web sites of the [United States Department of Justice](/source/United_States_Department_of_Justice) (August), the [CIA](/source/CIA) (October), and the [U.S. Air Force](/source/U.S._Air_Force) (December).

- Canadian hacker group, Brotherhood, breaks into the [Canadian Broadcasting Corporation](/source/Canadian_Broadcasting_Corporation).

- Arizona hacker, John Sabo A.K.A FizzleB/Peanut, was arrested for hacking Canadian ISP dlcwest.com claiming the company was defrauding customers through over billing.

- The US general accounting office reports that hackers attempted to break into Defense Department computer files some 250,000 times in 1995 alone with a success rate of about 65% and doubling annually.[38][39][40][41]

- [Cryptovirology](/source/Cryptovirology) is born with the invention of the cryptoviral extortion protocol that would later form the basis of modern [ransomware](/source/Ransomware).[42]

### 1997

- The AOL hack program Lucifer-X by NailZ, is released. In a matter of days AOL is being used for free by hundreds of thousands of users.[*[citation needed](https://en.wikipedia.org/wiki/Wikipedia:Citation_needed)*]

- A 16-year-old [Croatian](/source/Croatia) youth penetrates computers at a U.S. Air Force base in [Guam](/source/Guam).[43]

- June: [Eligible Receiver 97](/source/Eligible_Receiver_97) tests the American government's readiness against [cyberattacks](/source/Cyberattack).

- December: [Information Security](https://www.hackersvella.org/blog/post/cyber-attack-and-data-breaches)[26] publishes first issue.[*[clarification needed](https://en.wikipedia.org/wiki/Wikipedia:Please_clarify)*]

- First high-profile attacks on Microsoft's [Windows NT](/source/Windows_NT) [operating system](/source/Operating_system)[44]

### 1998

- January: [Yahoo!](/source/Yahoo!) notifies Internet users that anyone visiting its site in the past month might have downloaded a [logic bomb](/source/Logic_bomb) and [worm](/source/Computer_worm) planted by hackers claiming a "logic bomb" will go off if computer hacker [Kevin Mitnick](/source/Kevin_Mitnick) is not released from prison.[45]

- February: The [Internet Software Consortium](/source/Internet_Software_Consortium) proposes the use of DNSSEC ([Domain Name System Security Extensions](/source/Domain_Name_System_Security_Extensions)) to secure [DNS servers](/source/DNS_server).

- May 19: The seven members of the hacker think tank known as [L0pht](/source/L0pht) testify in front of the US congressional Government Affairs committee on "Weak Computer Security in Government".

- June: Information Security publishes its first annual Industry Survey, finding that nearly three-quarters of organizations suffered a security incident in the previous year.[*[clarification needed](https://en.wikipedia.org/wiki/Wikipedia:Please_clarify)*]

- September: [Electronic Disturbance Theater](/source/Electronic_Disturbance_Theater), an online political performance-[art group](/source/Art_group), attacks the websites of [The Pentagon](/source/The_Pentagon), Mexican president [Ernesto Zedillo](/source/Ernesto_Zedillo), and the [Frankfurt Stock Exchange](/source/Frankfurt_Stock_Exchange), calling it [conceptual art](/source/Conceptual_art) and claiming it to be a protest against the suppression of the [Zapatista Army of National Liberation](/source/Zapatista_Army_of_National_Liberation) in southern Mexico. EDT uses the FloodNet software to bombard its opponents with access requests.[46]

- October: "[U.S. Attorney General](/source/U.S._Attorney_General) [Janet Reno](/source/Janet_Reno) announces [National Infrastructure Protection Center](/source/National_Infrastructure_Protection_Center)."

### 1999

- [Software security](/source/Software_security) goes mainstream In the wake of Microsoft's [Windows 98](/source/Windows_98) release, 1999 becomes a banner year for security (and hacking). Hundreds of advisories and patches are released in response to newfound (and widely publicized) [bugs](/source/Computer_bug) in Windows and other commercial software products. A host of security software vendors release anti-hacking products for use on home computers.

- U.S. President [Bill Clinton](/source/Bill_Clinton) announces a $1.46 billion initiative to improve government [computer security](/source/Computer_security). The plan would establish a network of intrusion detection monitors for certain federal agencies and encourage the private sector to do the same.

- January 7: The "Legion of the Underground" (LoU) declares "war" against the governments of Iraq and the People's Republic of China. An international coalition of hackers (including [Cult of the Dead Cow](/source/Cult_of_the_Dead_Cow), *2600*'s staff, *[Phrack](/source/Phrack)*'s staff, [L0pht](/source/L0pht), and the [Chaos Computer Club](/source/Chaos_Computer_Club)) issued a joint statement ([CRD 990107 - Hackers on planet earth against infowar](https://web.archive.org/web/20060316225519/http://www.cultdeadcow.com/news/statement19990107.html)) condemning the LoU's declaration of war. The LoU responded by withdrawing its declaration.

- March: The [Melissa worm](/source/Melissa_worm) is released and quickly becomes the most costly malware outbreak to date.

- July: [Cult of the Dead Cow](/source/Cult_of_the_Dead_Cow) releases [Back Orifice 2000](/source/Back_Orifice_2000) at [DEF CON](/source/DEF_CON).

- August: [Kevin Mitnick](/source/Kevin_Mitnick), is sentenced to 5 years, of which over 4 years had already been spent pre-trial including 8 months' solitary confinement.

- September: [Level Seven Crew](/source/Level_Seven_Crew) hacks the [U.S. Embassy in China](/source/Embassy_of_the_United_States%2C_Beijing)'s website and places racist, anti-government slogans on embassy site in regards to [1998 U.S. embassy bombings](/source/1998_U.S._embassy_bombings).[47]

- September 16: The [United States Department of Justice](/source/United_States_Department_of_Justice) sentences the "Phone Masters".[48]

- October: [American Express](/source/American_Express) introduces the "Blue" [smart card](/source/Smart_card), the industry's first chip-based credit card in the US.

- November 17: A hacker interviewed by [Hilly Rose](/source/Hilly_Rose) during the radio show *[Coast to Coast AM](/source/Coast_to_Coast_AM)* (then hosted by [Art Bell](/source/Art_Bell)) exposes a plot by al-Qaeda to derail [Amtrak](/source/Amtrak) trains. This results in all trains being forcibly stopped over [Y2K](/source/Year_2000_problem) as a safety measure.

## 2000s

v t e Hacking in the 2000s ← 1990s Timeline of security hacking incidents Timeline of computer viruses and worms 2010s → Incidents 2004 Titan Rain (2003–2006) Operation Firewall 2005 Sony BMG copy protection rootkit scandal 2007 Cyberattacks on Estonia Operation: Bot Roast 2008 Project Chanology Cyberattacks on Georgia Sarah Palin email hack US military cyberattack 2009 Operation Troy Operation Aurora (findings published in 2010) WebcamGate (2008–2010) Groups Anonymous associated events Avalanche Crime Boys GNAA Goatse Security Insanity Zine Corp. GhostNet Level Seven PLA Unit 61398 Prime Suspectz RBN ShadowCrew World of Hell Sandworm Individuals AKill Jeanson James Ancheta Lil Hacker BadB camZero Coolio Cyxymu diabl0 Albert Gonzalez Sam Hocevar Sven Jaschan Dan Kaminsky Samy Kamkar Dmitry Sklyarov Stakkato weev Vulnerabilities discovered Shatter attack (2002) Kaminsky DNS cache poisoning (2008) sslstrip (2009) Malware 2000 ILOVEYOU Pikachu 2001 Anna Kournikova Code Red Code Red II Klez Nimda 2002 Simile Swizzor Zmist 2003 AFX Windows Rootkit 2003 Blaster Graybird Gruel Mumu Sobig SQL Slammer Welchia 2004 Bagle Beast Bifrost Download.ject MP3Concept Mydoom NetSky NetTraveler Sasser Vundo 2005 Brontok Emcodec Extended Copy Protection Fast16 PGPCoder PoisonIvy Samy SpySheriff 2006 Agent.AWF Archiveus Clickbot Orbit Downloader Rustock Stration Zlob 2007 Alureon BlackEnergy Clampi Mebroot RSPlug Storm ZeuS 2008 Agent.BTZ Asprox Conficker Fun.exe Hupigon Mariposa Mocmex MonaRonaDona OpenCandy 2009 Jabber Zeus Kenzero Koobface MegaPanzer MiniPanzer SpyEye Waledac

### 2000

- May: The [ILOVEYOU](/source/ILOVEYOU) worm, also known as VBS/Loveletter and Love Bug worm, is a computer worm written in VBScript. It infected millions of computers worldwide within a few hours of its release. It is considered to be one of the most damaging worms ever. It originated in the Philippines; made by an [AMA Computer College](/source/AMA_Computer_University) student Onel de Guzman for his thesis.

- September: Computer hacker [Jonathan James](/source/Jonathan_James) became the first juvenile to serve jail time for hacking.

### 2001

- Microsoft becomes the prominent victim of a new type of hack that attacks the [domain name server](/source/Domain_name_server). In these [denial-of-service attacks](/source/Denial-of-service_attack), the DNS paths that take users to Microsoft's websites are corrupted.

- February: A Dutch cracker releases the [Anna Kournikova](/source/Anna_Kournikova) [virus](/source/Anna_Kournikova_(computer_virus)), initiating a wave of viruses that tempts users to open the infected attachment by promising a sexy picture of the Russian [tennis](/source/Tennis) star.

- April: FBI agents trick two Russian [crackers](/source/Hacker_(computer_security)) into coming to the U.S. and revealing how they were hacking U.S. banks.[49]

- July: Russian programmer [Dmitry Sklyarov](/source/Dmitry_Sklyarov) is arrested at the annual [DEF CON](/source/DEF_CON) hacker convention. He was the first person criminally charged with violating the [Digital Millennium Copyright Act](/source/Digital_Millennium_Copyright_Act) (DMCA).

- August: [Code Red worm](/source/Code_Red_worm), infects tens of thousands of machines.

- The National Cyber Security Alliance (NCSA) is established in response to the September 11 attacks on the World Trade Center.[50]

### 2002

- January: [Bill Gates](/source/Bill_Gates) decrees that Microsoft will [secure](/source/Security) its products and services, and kicks off a massive internal [training](/source/Training) and [quality control](/source/Quality_control) campaign.

- March: [Gary McKinnon](/source/Gary_McKinnon) is arrested following unauthorized access to US military and NASA computers.

- May: [Klez.H](/source/Klez), a variant of the worm discovered in November 2001, becomes the biggest [malware](/source/Malware) outbreak in terms of machines infected, but causes little monetary damage.

- June: The Bush administration files a bill to create the [Department of Homeland Security](/source/Department_of_Homeland_Security), which, among other things, will be responsible for protecting the nation's critical [IT](/source/Information_technology) [infrastructure](/source/Infrastructure).

- August: Researcher Chris Paget publishes a paper describing "[shatter attacks](/source/Shatter_attack)", detailing how Windows' unauthenticated [messaging system](/source/Messaging_system) can be used to take over a machine. The paper raises questions about how securable Windows could ever be. It is however largely derided as irrelevant as the vulnerabilities it described are caused by vulnerable applications (placing windows on the desktop with inappropriate privileges) rather than an inherent flaw within the Operating System.

- October: The [International Information Systems Security Certification Consortium](/source/(ISC)%C2%B2)—(ISC)²—confers its 10,000th [CISSP](/source/CISSP) certification.

### 2003

- The hacktivist group [Anonymous](/source/Anonymous_(group)) was formed.

- March: [Cult of the Dead Cow](/source/Cult_of_the_Dead_Cow) and [Hacktivismo](/source/Hacktivismo) are given permission by the [United States Department of Commerce](/source/United_States_Department_of_Commerce) to export software utilizing strong encryption.

### 2004

- March: [New Zealand](/source/New_Zealand)'s Government (National Party) website defaced by hacktivist group BlackMask[51]

- July: [North Korea](/source/North_Korea) claims to have trained 500 hackers who successfully crack South Korean, Japanese, and their allies' computer systems.[52]

- October: National Cyber Security Awareness Month was launched by the National Cyber Security Alliance and U.S. Department of Homeland Security.

### 2005

- April 2: Rafael Núñez (aka RaFa), a notorious member of the hacking group World of Hell, is arrested following his arrival at Miami International Airport for breaking into the [Defense Information Systems Agency](/source/Defense_Information_Systems_Agency) computer system in June 2001.[53]

- September 13: [Cameron Lacroix](/source/Cameron_Lacroix) is sentenced to 11 months for gaining access to [T-Mobile](/source/T-Mobile_US)'s network and exploiting [Paris Hilton](/source/Paris_Hilton)'s [Sidekick](/source/Danger_Hiptop).[54]

- November 3: [Jeanson James Ancheta](/source/Jeanson_James_Ancheta), whom prosecutors say was a member of the "Botmaster Underground", a group of [script kiddies](/source/Script_kiddie) mostly noted for their excessive use of [bot attacks](/source/Botnet) and propagating vast amounts of [spam](/source/Spamming), was taken into custody after being lured to FBI offices in Los Angeles.[55]

### 2006

- January: One of the few worms to take after the old form of malware, destruction of data rather than the accumulation of zombie networks to launch attacks from, is discovered. It had various names, including [Kama Sutra](/source/Kama_Sutra_(computer_worm)) (used by most media reports), Black Worm, Mywife, Blackmal, Nyxem version D, Kapser, KillAV, Grew and CME-24. The worm would spread through e-mail client address books, and would search for documents and fill them with garbage, instead of deleting them to confuse the user. It would also hit a web page counter when it took control, allowing the programmer who created it as well as the world to track the progress of the worm. It would replace documents with random garbage on the third of every month. It was hyped by the media but actually affected relatively few computers, and was not a real threat for most users.

- May: Jeanson James Ancheta receives a 57-month prison sentence,[56] and is ordered to pay damages amounting to $15,000 to the Naval Air Warfare Center in China Lake and the Defense Information Systems Agency, for damage done due to DDoS attacks and hacking. Ancheta also had to forfeit his gains to the government, which include $60,000 in cash, a BMW, and computer equipment.[56]

- May: The largest defacement in Web History as of that time is performed by the [Turkish](/source/Turkey) hacker iSKORPiTX who successfully hacked 21,549 websites in one shot.[57]

- July: Robert Moore and Edwin Pena were the first people to be charged by U.S. authorities for VoIP hacking. Robert Moore served 2 years in federal prison and was given $152,000 restitution. Once Edwin Pena was caught after fleeing the country, evading authorities for almost 2 years, he was sentenced to 10 years and given $1 million restitution.[58]

- September: Viodentia releases FairUse4WM tool which would remove [DRM](/source/Digital_rights_management) information off [Windows Media Audio](/source/Windows_Media_Audio) (WMA) files downloaded from music services such as Yahoo! Unlimited, Napster, Rhapsody Music and Urge.

### 2007

- May 17: [Estonia](/source/Estonia) recovers from a massive denial-of-service attack[59]

- June 13: FBI [Operation Bot Roast](/source/Operation%3A_Bot_Roast) finds over 1 million botnet victims[60]

- June 21: A [spear phishing](/source/Spear_phishing) incident at the [Office of the Secretary of Defense](/source/Office_of_the_Secretary_of_Defense) steals sensitive U.S. defense information, leading to significant changes in identity and message-source verification at OSD.[61][62]

- August 11: [United Nations](/source/United_Nations) website hacked by Indian Hacker Pankaj Kumar Singh.[63]

- November 14: Panda Burning Incense which is known by several other names, including Fujacks and Radoppan.T lead to the arrest of eight people in China. Panda Burning Incense was a parasitic virus that infected executable files on a PC. When infected, the icon of the executable file changes to an image of a panda holding three sticks of incense. The arrests were the first for virus writing in China.[64]

### 2008

- January 17: [Project Chanology](/source/Project_Chanology); [Anonymous](/source/Anonymous_(group)) attacks Scientology website servers around the world. Private documents are stolen from Scientology computers and distributed over the Internet.

- March 7: Around 20 Chinese hackers claim to have gained access to the world's most sensitive sites, including the [Pentagon](/source/The_Pentagon). They operated from an apartment on a Chinese island.[65]

- March 14: [Trend Micro](/source/Trend_Micro) website successfully hacked by Turkish hacker Janizary (aka Utku).[66]

### 2009

- April 4: [Conficker](/source/Conficker) worm infiltrated millions of PCs worldwide including many government-level top-security computer networks.[67]

## 2010s

v t e Hacking in the 2010s ← 2000s Timeline of security hacking incidents Timeline of computer viruses and worms 2020s → Major incidents 2010 Operation Aurora (publication of 2009 events) Australian cyberattacks Operation Olympic Games Operation ShadowNet Operation Payback Operation Socialist 2011 Canadian government DigiNotar DNSChanger HBGary Federal Operation AntiSec PlayStation network outage RSA SecurID compromise 2012 LinkedIn hack Stratfor email leak Operation High Roller 2013 South Korea cyberattack Snapchat hack Cyberterrorism attack of June 25 2013 Yahoo! data breach Singapore cyberattacks 2014 Anthem medical data breach Operation Tovar 2014 celebrity nude photo leak 2014 JPMorgan Chase data breach 2014 Sony Pictures hack Russian hacker password theft 2014 Yahoo! data breach 2015 Office of Personnel Management data breach HackingTeam Ashley Madison data breach TalkTalk data breach VTech data breach Ukrainian Power Grid Cyberattack SWIFT banking hack 2016 Bangladesh Bank robbery Hollywood Presbyterian Medical Center ransomware incident Commission on Elections data breach Democratic National Committee cyber attacks Vietnam Airport Hacks DCCC cyber attacks Indian Bank data breaches Surkov leaks Dyn cyberattack Russian interference in the 2016 U.S. elections 2016 Bitfinex hack 2017 SHAttered 2017 Macron e-mail leaks WannaCry ransomware attack Westminster data breach Petya and NotPetya 2017 Ukraine ransomware attacks Equifax data breach Deloitte breach Disqus breach 2018 Trustico Atlanta cyberattack British Airways data breach SingHealth data breach 2019 Sri Lanka cyberattack Baltimore ransomware attack Bulgarian revenue agency hack WhatsApp snooping scandal Jeff Bezos phone hacking incident Hacktivism Anonymous associated events CyberBerkut GNAA Goatse Security Lizard Squad LulzRaft LulzSec New World Hackers NullCrew OurMine PayPal 14 RedHack Teamp0ison TDO UGNazi Ukrainian Cyber Alliance Groups Appin Bangladesh Black Hat Hackers Bureau 121 Charming Kitten Cozy Bear Dark Basin DarkMatter Elfin Team Equation Group Fancy Bear GOSSIPGIRL (confederation) Guccifer 2.0 Hacking Team Helix Kitten Iranian Cyber Army Islamic State Hacking Division Lazarus Group BlueNorOff AndAriel Lords of Dharmaraja NSO Group Numbered Panda PLA Unit 61398 PLA Unit 61486 PLATINUM Pranknet Red Apollo Rocket Kitten Stealth Falcon Syrian Electronic Army Tailored Access Operations The Shadow Brokers xDedic Yemen Cyber Army Individuals Ryan Ackroyd Mustafa Al-Bassam Kim Anh Vo George Hotz Guccifer Elliott Gunton Jeremy Hammond Sam Hocevar Junaid Hussain MLT Sabu Track2 Topiary The Jester Major vulnerabilities publicly disclosed Evercookie (2010) iSeeYou (2013) Heartbleed (2014) Shellshock (2014) POODLE (2014) Rootpipe (2014) Row hammer (2014) SS7 vulnerabilities (2014) WinShock (2014) JASBUG (2015) Stagefright (2015) DROWN (2016) Badlock (2016) Dirty COW (2016) Cloudbleed (2017) Broadcom Wi-Fi (2017) EternalBlue (2017) DoublePulsar (2017) Silent Bob is Silent (2017) KRACK (2017) ROCA vulnerability (2017) BlueBorne (2017) Meltdown (2018) Spectre (2018) EFAIL (2018) Exactis (2018) Speculative Store Bypass (2018) Lazy FP state restore (2018) TLBleed (2018) SigSpoof (2018) Foreshadow (2018) Dragonblood (2019) Microarchitectural Data Sampling (2019) BlueKeep (2019) Kr00k (2019) Malware 2010 Bad Rabbit Black Energy 2 Blackshades Coreflood Kelihos Stuxnet 2011 Citadel Andromeda Alureon Duqu Gameover ZeuS Metulji botnet Stars ZeroAccess botnet 2012 Alina Carna Dexter Dridex FBI MoneyPak Flame Grum Mahdi Red October Shamoon 2013 BlackPOS CryptoLocker DarkSeoul Havex 2014 Brambul Black Energy 3 Carbanak Careto DarkHotel Duqu 2.0 Emotet FinFisher Gameover ZeuS Kronos Regin 2015 CenterPOS Hidden Tear Kasidet Rombertik TeslaCrypt Project Sauron 2016 FastPOS Hitler Industroyer Jigsaw KeRanger Locky Necurs MEMZ Mirai Pegasus Petya and NotPetya Philadelphia PunkeyPOS X-Agent 2017 BrickerBot Kirk LogicLocker Rensenware Triton WannaCry Xafecopy 2018 Annabelle Joanap VPNFilter 2019 R2D2 Tiny Banker Titanium

### 2010

- January 12: [Operation Aurora](/source/Operation_Aurora) Google publicly reveals[68] that it has been on the receiving end of a *"highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google"*

- June: The [Stuxnet](/source/Stuxnet) worm is found by VirusBlokAda. Stuxnet was unusual in that while it spread via Windows computers, its payload targeted just one specific model and type of [SCADA](/source/SCADA) systems. It slowly became clear that it was a cyber attack on Iran's nuclear facilities—with most experts believing that Israel[69] was behind it—perhaps with US help.

- December 3: The first malware conference, [MALCON](/source/Malcon) took place in India. Founded by Rajshekhar Murthy, malware coders were invited to showcase their skills at this annual event supported by the Indian government.

### 2011

- The hacker group [Lulz Security](/source/Lulz_Security) is formed.

- April 9: The [Bank of America](/source/Bank_of_America) website was hacked by a Turkish hacker named JeOPaRDY. An estimated 85,000 credit card numbers and accounts were reported to have been stolen due to the hack. Bank officials say no personal customer bank information is available on that web-page. Investigations are being conducted by the FBI to trace down the incriminated hacker.[70]

- April 17: An "[external intrusion](/source/PlayStation_Network_outage)" sends the [PlayStation Network](/source/PlayStation_Network) offline, and compromises personally identifying information (possibly including credit card details) of its 77 million accounts, in what is claimed to be one of the five largest [data breaches](/source/Data_breach) ever.[71]

- Computer hacker sl1nk releases information of his penetration in the servers of the Department of Defense (DoD), Pentagon, NASA, NSA, US Military, Department of the Navy, Space and Naval Warfare System Command and other UK/US government websites.[72]

- September: Bangladeshi hacker TiGER-M@TE made a world record in defacement history by hacking 700,000 websites in a single shot.[73]

- October 16: The [YouTube](/source/YouTube) channel of *[Sesame Street](/source/Sesame_Street)* was hacked, streaming [pornography](/source/Pornography) for about 22 minutes.[74]

- November 1: The main phone and Internet networks of the [Palestinian territories](/source/Palestinian_territories) sustained a hacker attack from multiple locations worldwide.[75]

- November 7: The forums for [Valve](/source/Valve_Corporation)'s [Steam](/source/Steam_(service)) service were hacked. Redirects for a hacking website, Fkn0wned, appeared on the Steam users' forums, offering "hacking tutorials and tools, porn, free giveaways and much more."[76]

- December 14: Five members of the Norwegian hacker group, Noria, were arrested, allegedly suspected for hacking into the email account of the militant extremist [Anders Behring Breivik](/source/Anders_Behring_Breivik) (who perpetrated the [2011 attacks](/source/2011_Norway_attacks) in the country).[77]

### 2012

- A hacker published over 400,000 credit cards online,[78] and threatened [Israel](/source/Israel) to release 1 million credit cards in the future. In response to that incident, an Israeli hacker published over 200 Albanian credit cards online.[79][80]

- [Gottfrid Svartholm Warg](/source/Gottfrid_Svartholm), the co-founder of [Pirate Bay](/source/The_Pirate_Bay), was convicted in Denmark of hacking a mainframe computer, in what was then Denmark's biggest hacking case.[81]

- January 7: "Team Appunity", a group of Norwegian hackers, were arrested for breaking into Norway's largest prostitution website then publishing the user database online.[82]

- February 3: [Marriott](/source/Marriott_International) was hacked by a [New Age](/source/New_Age) ideologist, Attila Nemeth who was resisting against the [New World Order](/source/New_World_Order_(conspiracy_theory)) where he said that corporations are allegedly controlling the world. As a response Marriott reported him to the United States Secret Service.[83]

- February 8: [Foxconn](/source/Foxconn) is hacked by a hacker group, "Swagg Security", releasing a massive amount of data including email and server logins, and even more alarming—bank account credentials of large companies like Apple and Microsoft. Swagg Security stages the attack just as a Foxconn protest ignites against terrible working conditions in southern China.[84]

- May 4: The websites of several Turkish representative offices of international IT-companies are defaced within the same day by Turkish hacker F0RTYS3V3N, including the websites of [Google](/source/Google), [Yandex](/source/Yandex), [Microsoft](/source/Microsoft), [Gmail](/source/Gmail), [MSN](/source/MSN), [Hotmail](/source/Hotmail), [PayPal](/source/PayPal).[85][86][87][88]

- May 24: WHMCS[*[who?](https://en.wikipedia.org/wiki/Wikipedia:Manual_of_Style/Words_to_watch#Unsupported_attributions)*] is hacked by [UGNazi](/source/UGNazi), they claim that the reason for this is because of the illegal sites that are using their software.

- May 31: [MyBB](/source/MyBB) is hacked by newly founded hacker group, [UGNazi](/source/UGNazi). The website was defaced for about a day, they claim their reasoning for this was because they were upset that the forum board Hackforums.net uses their software.

- June 5: The social networking website [LinkedIn](/source/LinkedIn) was [hacked](/source/2012_LinkedIn_hack) and the passwords for nearly 6.5 million user accounts were stolen. As a result, a United States grand jury indicted Nikulin and three unnamed co-conspirators on charges of aggravated identity theft and computer intrusion.

- August 15: [Saudi Aramco](/source/Saudi_Aramco) was crippled by a cyber warfare attack for months by malware called [Shamoon](/source/Shamoon). It was considered the biggest hack in history in terms of cost and destructiveness and carried out by the Iranian attacker group Cutting Sword of Justice.[89] Iranian hackers retaliated against Stuxnet by releasing Shamoon. The malware destroyed over 35,000 Saudi Aramco computers, affecting business operations for months.

- December 17: Computer hacker sl1nk announced that he had hacked a total of nine countries' [SCADA](/source/SCADA) systems. The proof included France, Norway, Russia, Spain, Sweden and the United States.[90]

### 2013

- The social networking website [Tumblr](/source/Tumblr) was attacked by hackers. Consequently, 65 million unique emails and passwords were leaked from Tumblr. The data breach's legitimacy is confirmed by computer security researcher [Troy Hunt](/source/Troy_Hunt).[91]

- August: The [Yahoo! data breaches](/source/Yahoo!_data_breaches) occurred. More than 3 billion users' data was leaked.[92]

### 2014

- February 7: The [bitcoin](/source/Bitcoin) exchange [Mt. Gox](/source/Mt._Gox) filed for bankruptcy after $460 million was apparently stolen by hackers due to "weaknesses in [their] system" and another $27.4 million went missing from its bank accounts.[93]

- October: The [White House](/source/White_House) computer system was hacked.[94] It was said that the FBI, the Secret Service, and other U.S. intelligence agencies categorized the attacks "among the most sophisticated attacks ever launched against U.S. government systems."[95]

- November 24: In response to the release of the film *[The Interview](/source/The_Interview)*, the servers of [Sony Pictures](/source/Sony_Pictures) are [hacked](/source/Sony_Pictures_hack) by a hacker group calling itself "Guardian of Peace".[96][97]

- November 28: The website of the Philippine telecommunications company [Globe Telecom](/source/Globe_Telecom) was hacked in response to the poor internet service they were distributing.[98]

### 2015

- June: the records of 21.5 million people, including social security numbers, dates of birth, addresses, fingerprints, and security clearance-related information, are [stolen from the United States Office of Personnel Management](/source/Office_of_Personnel_Management_data_breach) (OPM).[99] Most of the victims are employees of the United States government and unsuccessful applicants to it. *[The Wall Street Journal](/source/The_Wall_Street_Journal)* and *[The Washington Post](/source/The_Washington_Post)* report that government sources believe the hacker is the government of China.[100][101]

- July: The servers of extramarital affairs website [Ashley Madison](/source/Ashley_Madison_data_breach) were [breached](/source/Ashley_Madison_data_breach).

### 2016

- February: The 2016 [Bangladesh Bank heist](/source/Bangladesh_Bank_heist) attempted to steal US$951 million from a [Bangladesh Bank](/source/Bangladesh_Bank), and succeeded in getting $101 million—although some of this was later recovered.

- July 22: [WikiLeaks](/source/WikiLeaks) published the documents from the [2016 Democratic National Committee email leak](/source/2016_Democratic_National_Committee_email_leak).

- July 29: a group suspected coming from China launched hacker [attacks on the website of Vietnam Airlines](/source/Vietnamese_airports_hackings).

- August 13: [The Shadow Brokers](/source/The_Shadow_Brokers) (TSB) started publishing several leaks containing hacking tools from the [National Security Agency](/source/National_Security_Agency) (NSA), including several [zero-day exploits](/source/Zero-day_(computing)). The leaks were ongoing until April 2017.

- September: Hacker Ardit Ferizi is sentenced to 20 years in prison after being arrested for hacking U.S. servers and passing the leaked information to members of [ISIL](/source/ISIL) terrorist group back in 2015.[102]

- October: The [2016 Dyn cyberattack](/source/2016_Dyn_cyberattack) is being conducted with a botnet consisting of IOTs infected with [Mirai](/source/Mirai_(malware)) by the hacktivist groups SpainSquad, Anonymous, and New World Hackers, reportedly in retaliation for [Ecuador](/source/Ecuador)'s rescinding Internet access to [WikiLeaks](/source/WikiLeaks) founder [Julian Assange](/source/Julian_Assange) at their [embassy in London](/source/Embassy_of_Ecuador%2C_London), where he has been granted [asylum](/source/Right_of_asylum).[103]

- Late 2016: Hackers steal international personal user data from the company [Uber](/source/Uber), including phone numbers, email addresses, and names, of 57 million people and 600,000 driver's license numbers of drivers for the company. Uber's [GitHub](/source/GitHub) account was accessed through [Amazon's cloud](/source/Amazon_Web_Services)-based service. Uber paid the hackers $100,000 for assurances the data was destroyed.[104]

- December 2016: [Yahoo! data breaches](/source/Yahoo!_data_breaches) reported and affected more than 1 billion users. The data leakage includes user names, email addresses, telephone numbers, encrypted or unencrypted security questions and answers, dates of birth, and hashed passwords

### 2017

- April: The hacker group The Dark Overlord posted unreleased episodes of the television series *[Orange Is the New Black](/source/Orange_Is_the_New_Black)* after failing to extort the online entertainment company [Netflix](/source/Netflix).[105]

- May: [WannaCry ransomware attack](/source/WannaCry_ransomware_attack) started on Friday, May 12,[106] infecting more than 230,000 computers in over 150 countries.[107] A version of the unreleased [Disney](/source/Disney) film *[Pirates of the Caribbean: Dead Men Tell No Tales](/source/Pirates_of_the_Caribbean%3A_Dead_Men_Tell_No_Tales)* was held for ransom, with the attackers threatening its release to the public unless the ransom was paid in Bitcoin.[108]

- May: 25,000 digital photos and ID scans of patients of the Grozio Chirurgija [cosmetic surgery](/source/Cosmetic_surgery) clinic in [Lithuania](/source/Lithuania) were obtained and published without consent by an unknown group demanding ransoms.[109][110][111] Thousands of clients from more than 60 countries were affected.[109] The breach brought attention to weaknesses in Lithuania's information security.[109]

- June: [2017 Petya cyberattack](/source/2017_Petya_cyberattack).[112]

- June: TRITON (TRISIS), a malware framework designed to reprogram [Triconex](/source/Triconex) [safety instrumented systems](/source/Safety_instrumented_system) (SIS) of [industrial control systems](/source/Industrial_control_system) (ICS), was discovered in a Saudi Arabian Petrochemical plant.[113]

- August: Hackers demanded US$7.5 million in [Bitcoin](/source/Bitcoin) to stop the pre-release of [HBO](/source/HBO) shows and scripts, including *[Ballers](/source/Ballers)*, *[Room 104](/source/Room_104),* and *[Game of Thrones](/source/Game_of_Thrones)*.[114]

- May–July 2017: [The Equifax breach](/source/Equifax#May.E2.80.93July_2017_security_breach).[115]

- September 2017: [Deloitte breach](/source/Deloitte#Computer_hack).[116]

- December: [Mecklenburg County](/source/Mecklenburg_County%2C_North_Carolina), North Carolina computer systems were hacked. No ransom was paid.[117]

### 2018

- March: Computer systems in [Atlanta](/source/Atlanta), Georgia, are seized by hackers with [ransomware](/source/Ransomware). The city did not pay the ransom,[118] and two Iranians were indicted by the [FBI](/source/FBI) on cyber crime charges for the breach.[119]

- [Wasaga Beach](/source/Wasaga_Beach), Ontario, Canada's computer systems are seized by hackers with ransomware.[120]

- September: [Facebook](/source/Facebook) is hacked, exposing the personal information of approximately 30 million users when the hackers "stole" the "access tokens" of 400,000 Facebook users. The information accessible to the hackers included users' email addresses, phone numbers, friend lists, Groups they are members of, search information, timeline posts, and names of recent Messenger conversations.[121][122]

- October: [West Haven, Connecticut](/source/West_Haven%2C_Connecticut) computer systems were seized by hackers with ransomware. The city paid US$2,000 in ransom.[123]

- November: - The first U.S. indictment of individual people for [ransomware](/source/Ransomware) attacks occurred. The [U.S. Justice Department](/source/U.S._Justice_Department) indicted Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri, who allegedly used SamSam ransomware for extortion, netting more than US$6 million in ransom payments. The companies infected with the [ransomware](/source/Ransomware) included [Allscripts](/source/Allscripts), [Medstar Health](/source/MedStar_Health), and [Hollywood Presbyterian Medical Center](/source/Hollywood_Presbyterian_Medical_Center). The attacks caused victims to lose more than $30 million.[124] - Marriott disclosed that its Starwood Hotel brand had been [subject to a security breach](/source/Marriott_International#Data_breach).

### 2019

- March: [Jackson County](/source/Jackson_County%2C_Georgia) computer systems in Georgia were seized by hackers with [ransomware](/source/Ransomware). They were paid $400,000 in ransom.[125] [Albany](/source/Albany%2C_New_York),Ne w York experienced a ransomware cyber attack.[126][127]

- April: Computer systems in [Augusta](/source/Augusta%2C_Maine), Maine were seized by hackers using ransomware.[128][129] [Greenville](/source/Greenville%2C_North_Carolina), North Carolina's computer systems were seized using ransomware known as RobbinHood.[130][131] [Imperial County](/source/Imperial_County%2C_California), California's computer systems were seized using Ryuk ransomware.[132]

- May: Computer systems in [Baltimore](/source/Baltimore%2C_Maryland) were seized using RobbinHood that encrypts files with a "file-locking" virus, as well as the tool [EternalBlue](/source/EternalBlue).[133][134][135][136]

- June: [Riviera Beach, Florida](/source/Riviera_Beach%2C_Florida) paid approximately $600,000 in [Bitcoin](/source/Bitcoin) as ransom to hackers who seized their computers using ransomware.[137] The hackers stole 18 hours of unreleased music from the band [Radiohead](/source/Radiohead), demanding $150,000 in ransom. Radiohead did not pay the ransom and instead released the music publicly.[138]

- November: [Anonymous](/source/Anonymous_(group)) announced that they hacked into four Chinese computer databases and donated them to data breach indexing/notification service vigilante.pw. The hack was conducted to support the [2019 Hong Kong protests](/source/2019_Hong_Kong_protests), during the Hong Kong police's siege of [Polytechnic University](/source/Hong_Kong_Polytechnic_University). They also brought up a possible peace plan first proposed by an [Inha University](/source/Inha_University) professor in hopes of [Korean reunification](/source/Korean_reunification) and the five key demands of the Hong Kong protest being fulfilled at once.[139]

## 2020s

v t e Hacking in the 2020s ← 2010s Timeline of security hacking incidents Timeline of computer viruses and worms Major incidents 2020 BlueLeaks Twitter account hijacking European Medicines Agency data breach Nintendo data leak United States federal government data breach EasyJet data breach Vastaamo data breach Windows XP Service Pack 1 and Server 2003 RTM source code leaks 2021 Microsoft Exchange Server breach Ivanti Pulse Connect Secure data breach Colonial Pipeline ransomware attack Health Service Executive ransomware attack Waikato District Health Board ransomware attack JBS S.A. ransomware attack Kaseya VSA ransomware attack Transnet ransomware attack Epik data breach FBI email hack National Rifle Association ransomware attack Banco de Oro hack Iranian fuel cyberattack 2022 Ukraine cyberattacks Red Cross data breach Anonymous and the Russian invasion of Ukraine Viasat hack DDoS attacks on Romania Costa Rican ransomware attack LastPass vault theft Shanghai police database leak Grand Theft Auto VI content leak Optus data breach 2023 Munster Technological University ransomware attack Capita data breach Evide data breach MOVEit data breach Insomniac Games data breach Operation Triangulation cyberattack British Library cyberattack 2024 XZ Utils backdoor Kadokawa and Niconico Change Healthcare ransomware attack Ukrainian cyberattacks against Russia 2024 WazirX hack Trump campaign hack Fur Affinity domain hijacking IRLeaks attack on Iranian banks Internet Archive data breach i-Soon leak 2024 global telecommunications hack 2024 National Public Data breach 2025 Cyberattacks on Bank Sepah 2025 Paraguay ransomware attack 4chan hacking and data breach 2025 St. Paul cyberattack Jaguar Land Rover cyberattack Collins Aerospace cyberattack 2025 cyberattack on Polish power grid 2026 Aura (security) data breach ManageMyHealth data breach Neighbourly data breach Cyberwarfare during the 2026 Iran war 2026 Canvas data breach Groups Anonymous associated events Anonymous Sudan Berserk Bear BlackCat Clop Cozy Bear DarkMatter DarkSide Dark Storm Team Dridex Ghostwriter GnosticPlayers Guacamaya Hafnium Indian Cyber Force IT Army of Ukraine Killnet Lapsus$ LightBasin LockBit OceanLotus REvil Rhysida Sandworm Sakura Samurai ShinyHunters SiegedSec Vice Society Wizard Spider Individuals Graham Ivan Clark maia arson crimew IntelBroker Kirtaner Major vulnerabilities publicly disclosed SMBGhost (2020) Thunderspy (2020) PrintNightmare (2021) FORCEDENTRY (2021) Log4Shell (2021) Account pre-hijacking (2022) Retbleed (2022) Downfall (2023) LogoFAIL (2023) Reptar (2023) Terrapin (2023) GoFetch (2024) Sinkclose (2024) Copy Fail (2026) Malware Adrozek CovidLock Drovorub Predator BlackLotus Cyclops Blink Pipedream Akira ClickFix Gayfemboy BootKitty

This section needs to be updated. Please help update this article to reflect recent events or newly available information. (March 2025)

### 2020

- May 28: Anonymous declared a large-scale hack, three days after the [murder of George Floyd](/source/Murder_of_George_Floyd). An individual claiming to represent the group stated that "We are Legion. We do not forgive. We do not forget. Expect us." in a now-deleted video. Anonymous addressed police brutality, saying they "will be exposing [their] many crimes to the world". It was suspected that Anonymous were the cause for the downtime and public suspension of the [Minneapolis Police Department](/source/Minneapolis_Police_Department) website and its parent site, the [City of Minneapolis](/source/City_of_Minneapolis) website.[140]

- May: Indian national Shubham Upadhyay posed as Superintendent of Police and, using [social engineering](/source/Social_engineering_(security)), used a free caller identification app to call the in-charge of the Kotwali police station, K. K. Gupta, and threaten him in order to get his phone repaired during the [COVID-19 lockdown](/source/COVID-19_pandemic_lockdown_in_India). The attempt was foiled.[141]

- June: Anonymous claimed responsibility for stealing and leaking a trove of documents collectively nicknamed "[BlueLeaks](/source/BlueLeaks)". The 269-gigabyte collection was published by a leak-focused activist group known as [Distributed Denial of Secrets](/source/Distributed_Denial_of_Secrets). The group also took down the [Atlanta Police Department](/source/Atlanta_Police_Department)'s website via [DDoS](/source/DDoS) and defaced the [Brookhaven National Labs](/source/Brookhaven_National_Labs)'s website and a [Filipino](/source/Philippines) governmental webpage. They expressed support for [Julian Assange](/source/Julian_Assange) and press freedom, while briefly "taking a swing" against [Facebook](/source/Facebook), [Reddit](/source/Reddit), and [Wikipedia](/source/Wikipedia) for having "engaged in shady practices behind our prying eyes". In the case of Reddit, they posted a link to a court document describing the possible involvement of a moderator of the subreddit r/news in an online-harassment-related case.[142][143]

- June: The [Buffalo police department](/source/Buffalo_Police_Department)'s website was reportedly hacked by Anonymous.[144] While the site recovered within minutes, Anonymous tweeted again, urging that it be taken down.[145] Minutes later, the site went down again. The group also hacked Chicago police radios to play [N.W.A](/source/N.W.A)'s song, "[Fuck tha Police](/source/Fuck_tha_Police)".[146]

- June: Over 1,000 accounts on the multiplayer online game [Roblox](/source/Roblox) were hacked to display support for U.S. President [Donald Trump](/source/Donald_Trump).[147]

- July: The [2020 Twitter bitcoin scam](/source/2020_Twitter_bitcoin_scam) occurred.

- July: User credentials from writing website [Wattpad](/source/Wattpad) were stolen and leaked on a hacker forum. The database contained over 200 million records.[148]

- August: [Indian](/source/India) hackers defaced [Pakistani](/source/Pakistan) television channel *[Dawn News](/source/Dawn_News)* and displayed India's national flag with the message "Happy Independence Day" (referring to [15 August, Independence Day of India](/source/Independence_Day_(India))) at around 3:30 p.m. [IST](/source/Indian_Standard_Time).[149][150][151] *Dawn News* issued a statement saying they were investigating the matter.[152]

- August: A large number of [subreddits](/source/Reddit) were hacked to post material endorsing [Donald Trump](/source/Donald_Trump). The affected subreddits included r/BlackPeopleTwitter, r/3amJokes, r/NFL, and r/PhotoshopBattles. An entity calling itself "calvin goh and Melvern" claimed responsibility for the mass defacement and also made violent threats against a [Chinese embassy](/source/List_of_diplomatic_missions_of_China).[153]

- August: The US Air Force's Hack-A-Sat event was hosted at DEF CON's virtual conference, where groups such as Poland Can Into Space, FluxRepeatRocket, AddVulcan, Samurai, Solar Wine, PFS, 15 Fitty Tree, and 1064CBread competed to control a satellite in space. The Poland Can Into Space team was notable for successfully manipulating a satellite to take a picture of the [Moon](/source/Moon).[154][155]

- August: The website of Belarusian company "BrestTorgTeknika" was defaced by a hacker using the pseudonym "[Queen Elsa](/source/Queen_Elsa)", in support of the [2020–21 Belarusian protests](/source/2020%E2%80%9321_Belarusian_protests). The site read "Get Iced Iced already" and "Free Belarus, revolution of our times", the latter alluding to a slogan used in the [2019 Hong Kong protests](/source/2019_Hong_Kong_protests). The hack was announced on the r/Belarus subreddit by user "Socookre".[156]

- August: Multiple DDoS attacks forced [New Zealand](/source/New_Zealand)'s stock market to temporarily shut down.[157]

- September: The first suspected death from a cyberattack was reported after cybercriminals hit a hospital in [Düsseldorf](/source/D%C3%BCsseldorf), [Germany](/source/Germany) with [ransomware](/source/Ransomware).[158]

- October: A wave of [botnet](/source/Botnet)-coordinated ransomware [attacks against hospital infrastructure](/source/Cyberattack#Hospitals) occurred in the United States and was linked to Russia.[159] State security officials and American corporate security officers were concerned that these attacks were a prelude to [hacking of election infrastructure](/source/Election_security) during the [2020 elections](/source/2020_United_States_elections) the following month, similar to incidents during the [2016 United States elections](/source/Russian_interference_in_the_2016_United_States_elections#Intrusions_into_state_election_systems) and [other Russian cyberattacks](/source/Cyberwarfare_by_Russia);[160] no evidence emerged that election infrastructure was targeted in 2020.[161]

- December: A [supply chain attack](/source/Supply_chain_attack) targeting upstream dependencies from Texas IT service provider SolarWinds resulted in wide-ranging security breaches at the [U.S. Treasury](/source/U.S._Treasury) and [Commerce](/source/United_States_Commerce_Department) departments. White House officials did not immediately identify a culprit publicly; *[Reuters](/source/Reuters)*, citing sources "familiar with the investigation", pointed toward the Russian government.[162] An official statement shared by Senate Finance Committee ranking member, [Ron Wyden](/source/Ron_Wyden) said: "Hackers broke into systems in the Departmental Offices division of Treasury, home to the department's highest-ranking officials."[163]

- December: A bomb threat was posted from a [Twitter](/source/Twitter) account that appeared to have been hacked by people using the aliases "Omnipotent" and "choonkeat". The threat was directed at [Aeroflot](/source/Aeroflot) Flight 102, a passenger flight with tail number of VQ-BIL en route from [Moscow](/source/Moscow) to [New York City](/source/New_York_City). A runway at the [John F. Kennedy International Airport](/source/John_F._Kennedy_International_Airport) was temporarily closed, delaying Aeroflot Flight 103, a return flight back to Moscow.[164][165][166]

- December: [Anonymous](/source/Anonymous_(group)) initiated 'Christmas gift' defacements against multiple Russian portals, including a municipal website in [Tomsk](/source/Tomsk) and that of a regional football club. The defacements referenced Russian opposition activist [Alexei Navalny](/source/Alexei_Navalny), freedom protests in [Thailand](/source/Thailand) and [Belarus](/source/Belarus), and opposition to the [Chinese Communist Party](/source/Chinese_Communist_Party). They also held a mock award based on a *Roblox* game event called "RB Battles", where YouTubers Tanqr and KreekCraft--the winner and the runner up of the actual game event--were compared to Taiwan and [New Zealand](/source/New_Zealand) respectively, citing New Zealand's reported performance in fighting the [COVID-19 pandemic](/source/COVID-19_pandemic).[167]

### 2021

- January: The [Microsoft Exchange Server data breach](/source/2021_Microsoft_Exchange_Server_data_breach) occured.

- February: Anonymous announced cyberattacks on at least five [Malaysian](/source/Malaysia) websites. Eleven individuals were arrested as suspects.[168][169][170][171]

- February: The group "Myanmar Hackers" attacked several websites belonging to [Myanmar](/source/Myanmar) government agencies, including the [Central Bank of Myanmar](/source/Central_Bank_of_Myanmar) and the military-run *[Tatmadaw](/source/Tatmadaw)* True News Information Team. The group also targeted the Directorate of Investment and Company Administration, Trade Department, Customs Department, Ministry of Commerce, *Myawady TV,* and state-owned broadcaster Myanmar Radio and Television, as well as some private media outlets. A computer technician in Yangon determined that the hacks were denial-of-service attacks and that the group's motive was to protest the [2021 Myanmar coup](/source/2021_Myanmar_coup).[172]

- March: Cyber insurer [CNA Financial](/source/CNA_Financial), one of the largest insurance companies based in the U.S., was attacked with ransomware, causing the company to lose control of its network.[173] The company paid US$40 million to regain control. CNA initially ignored the hackers and attempted to resolve the problem independently; after remaining locked out, CNA paid the ransom within a week.[174] CNA's investigation reported that [cyberattack](/source/Cyberattack) group Phoenix had used Phoenix Locker malware, a variant of the Hades ransomware used by the Russian criminal hacking group, [Evil Corp](/source/Dridex#Evil_Corp).[175] The malware encrypted 15,000 devices on the network, as well as the computers of employees working remotely while logged into the company's VPN at the time of the attack.[174]

- April: The personal information of over 500 million [Facebook](/source/Facebook) users—including information on 32 million in the U.S.—was discovered posted on a hackers' website. Facebook claimed that the information was from a 2019 breach and that the company had already taken mitigation measures; however, the company declined to say whether it had notified the affected users of the breach.[176][177][178][*[better source needed](https://en.wikipedia.org/wiki/Wikipedia:Verifiability#Questionable_sources)*]

- April: The [Ivanti Pulse Connect Secure data breach](/source/Ivanti_Pulse_Connect_Secure_data_breach), involving unauthorized access to the networks of high-value targets since at least June 2020 via [CVE](/source/CVE_(identifier))-[2021-22893](https://nvd.nist.gov/vuln/detail/CVE-2021-22893) across the U.S. and some E.U. nations,[*[additional citation(s) needed](https://en.wikipedia.org/wiki/Wikipedia:Citation_needed)*][179] was reported. The breach was attributed to the use of [vulnerable](/source/Vulnerability_(computing)) [proprietary](/source/Proprietary_software) software. [180][181]

- May: Operations of the U.S. [Colonial Pipeline were interrupted](/source/Colonial_Pipeline_cyber_attack) by a ransomware cyberattack.[182]

- May 21: [Air India](/source/Air_India) was subjected to a [cyberattack in which the personal details of approximately 4.5 million customers were compromised,](/source/2021_Air_India_cyberattack) including passport and credit card details, birth dates, names and ticket information.[183][184]

- July 22: [Saudi Aramco](/source/Saudi_Aramco) data was leaked by a third-party contractor who demanded a US$50 million ransom. Saudi Aramco confirmed the incident after a hacker posted on a dark web forum on June 23 that he had stolen one terabyte of data concerning employees and the locations of oil refineries.[185][186][187]

- August: T-Mobile reported that data files containing information from approximately 40 million current, former, or prospective customers—including first and last names, dates of birth, Social Security numbers, and driver's license/ID information—were compromised.[188]

- September and October: The [2021 Epik data breach](/source/2021_Epik_data_breach) occured. Anonymous obtained and released over 400 gigabytes of data from the domain registrar and web hosting company [Epik](/source/Epik). The data was shared in three releases between September 13 and October 4. The first release included domain purchase and transfer details, account credentials and logins, payment histories, employee emails, and unidentified private keys.[189] The hackers claimed they had obtained "a decade's worth of data", including all customer data and records for every domain ever hosted or registered through the company, along with poorly encrypted passwords and other sensitive data stored in [plaintext](/source/Plaintext).[189][190] The second release contained bootable disk images and API keys for third-party services used by Epik;[191] the third contained additional disk images and archived data belonging to the [Republican Party of Texas](/source/Republican_Party_of_Texas), an Epik customer.[192]

- October 6: An anonymous 4chan user reportedly hacked and leaked the source code of [Twitch](/source/Twitch_(service)), as well as information on how much the streaming service had paid to nearly 2.4 million streamers since August 2019.[193] Source code from nearly 6,000 GitHub repositories was also leaked. The 4chan user described it as "part one" of a much larger release.[194]

- November and December: On November 24, Chen Zhaojun of Alibaba's Cloud Security Team reported a [zero-day](/source/Zero-day_(computing)) vulnerability—later dubbed [Log4Shell](/source/Log4Shell)—involving [arbitrary code execution](/source/Arbitrary_code_execution) in the [Java logging framework](/source/Java_logging_framework) software [Log4j](/source/Log4j).[195][196][197] The report was privately disclosed to the project developers of [Log4j](/source/Log4j) at [The Apache Software Foundation](/source/The_Apache_Software_Foundation) on November 24. On December 8, Zhaojun contacted the developers again, detailing how the vulnerability was being discussed in public security chat rooms and was already known to some security researchers, and urged the team to fix the vulnerability in the official release version of [Log4j](/source/Log4j).[197] Early exploitations were noticed on *Minecraft* servers on December 9; however, forensic analysis indicates that Log4Shell may have been exploited as early as December 1 or 2.[197][198][199][200] Due to the ubiquity of devices using[Log4j](/source/Log4j) software (hundreds of millions) and the simplicity in exploiting the vulnerability, it is considered one of the largest and most critical vulnerabilities ever discovered.[201][202] Big names in security hacking helped in regaining control over server, like [Graham Ivan Clark](/source/Graham_Ivan_Clark), and Elhamy A. Elsebaey. A portion of the vulnerability was fixed in a patch distributed on December 6, three days before the vulnerability was publicly disclosed.[197][199][203][204]

### 2022

- February: The German [Chaos Computer Club](/source/Chaos_Computer_Club) reported more than 50 data leaks. Government institutions and companies from various business sectors were affected. In total, researchers gained access to over 6.4 million personal data records, as well as terabytes of log data and source code.[205][206]

- March: In response to the [Russian invasion of Ukraine](/source/Russian_invasion_of_Ukraine), [Anonymous](/source/Anonymous_(hacker_group)) [carried out numerous cyberattacks](/source/Anonymous_and_the_Russian_invasion_of_Ukraine) against computer systems in Russia, including one against [Roskomnadzor](/source/Roskomnadzor).[207]

- March 23: Hackers compromised the Ronin Network, stealing approximately US$620 million in [Ether](/source/Ethereum) and [USDC](/source/USD_Coin).[208][209][210] A total of 173,600 Ether and 25.5 million USDC tokens were stolen in two transactions.[211] It took the company six days to detect the breach.[211] As of May 2026, the hack remains the largest breach in the cryptocurrency sector by dollar value.[212] The incident further depressed the value of SLP.[213] On April 8, Sky Mavis said it expected to recover some of the funds, though it would take several years.[214] The company raised additional venture capital and reimbursed all users affected in the hack.[215] On April 14, the [FBI](/source/Federal_Bureau_of_Investigation) issued a statement attributing the theft to the [Lazarus Group](/source/Lazarus_Group) and APT38, [North Korean](/source/North_Korea) state-sponsored hacker groups.[216][217] The US Treasury [sanctioned](/source/Sanctions_against_North_Korea) the cryptocurrency address. Some of the stolen cryptocurrency was laundered through a [cryptocurrency tumbler](/source/Cryptocurrency_tumbler) known as "[Tornado Cash](/source/Tornado_Cash)".[217][218][219]

- April: Anonymous hacked Russian companies Aerogas, Forest, and Petrovsky Fort, leaking approximately 437,500 emails, which they donated to the non-profit whistleblower organization [Distributed Denial of Secrets](/source/Distributed_Denial_of_Secrets). They also leaked 446 GB of data from [the Russian Ministry of Culture](/source/Russian_Ministry_of_Culture).[220][221]

- April 19: Gijón City Council in Spain was attacked by the GERVASIA computer virus, resulting in data hijacking.[222]

- May: Network Battalion 65 (NB65), a hacktivist group affiliated with Anonymous, reportedly hacked Russian payment processor [Qiwi](/source/Qiwi). A total of 10.5 [terabytes](/source/Terabytes) of data, including transaction records and customers' credit card information, were exfiltrated. The group also infected Qiwi with ransomware and threatened to release additional customer records.[223]

- May: During [Victory Day in Russia](/source/Victory_Day_(9_May)), anti-war messages were inserted into Russian television schedules, including those of [Russia-1](/source/Russia-1), Channel 1, and [NTV-Plus](/source/NTV-Plus). One message read: "On your hands is the blood of thousands of Ukrainians and their hundreds of murdered children. TV and the authorities are lying. No to war."[224]

- June: A hacker on the Breach Forums claimed to have leaked more than one billion personal records from the [Shanghai National Police Database](/source/Shanghai_National_Police_Database).[225]

### 2023

- March: Amidst the [Russian invasion of Ukraine](/source/2022_Russian_invasion_of_Ukraine), hackers accessed Russian television and radio stations and broadcast false warnings of an impending [nuclear attack](/source/Nuclear_warfare).[226]

- October: In response to the [October 7 Hamas-led attack on Israel](/source/2023_Hamas-led_attack_on_Israel), the Indian hacktivist group [Indian Cyber Force](/source/Indian_Cyber_Force) took down the websites of the [Palestinian National Bank](/source/The_National_Bank_(Palestine)), [National Telecommunications Company](/source/Paltel_Group), and [Hamas](/source/Hamas).[227][228][229]

- November: A cyberattack on [DP World](/source/DP_World) paralyzed imports and exports in Australia for several days. DP World accounts for approximately 40% of Australia's imports and exports, leading to a 30,000-container backlog; additionally, data was stolen.[230][231][232]

### 2024

- January: [Indian Cyber Force](/source/Indian_Cyber_Force) targeted the [Maldives](/source/Maldives) amid diplomatic tensions following derogatory social media comments made by three Maldivian ministers about Indian Prime Minister [Narendra Modi](/source/Narendra_Modi). The websites of the Maldives' [Home Ministry](/source/Ministry_of_Homeland_Security_and_Technology_(Maldives)), [Juvenile Court](https://juvenilecourt.gov.mv/), and [President's Office](https://presidency.gov.mv/) were [defaced](/source/Website_defacement), and the [Facebook](/source/Facebook) page of the Auditor General's Office was also defaced.[233][234][235][236][237]

- February: The [XZ Utils backdoor](/source/XZ_Utils_backdoor) incident occured.

- February: The website of Burger Singh, an [Indian](/source/India) food franchise, was hacked by the [Pakistani](/source/Pakistan) hacker group Team Insane PK. The group defaced the website, warned Indian hackers to cease attacks on Pakistani websites, and embedded a video depicting the [Pakistani Air Force](/source/Pakistani_Air_Force).[238]

- June: Russian hackers infiltrated Microsoft's systems, accessing staff and customer emails, leading to regulatory scrutiny and a congressional hearing. Microsoft stated that it was notifying affected customers and working to enhance its security practices in response to these vulnerabilities.[239]

- September: Unknown hackers accessed data from the Netherlands' [National Police Corps](/source/National_Police_Corps_(Netherlands)), resulting in a data breach.[240]

### 2025

- April: [4chan](/source/4chan) was hacked by an anonymous user associated with [soyjak.party](/source/Soyjak.party), a rival [imageboard](/source/Imageboard) website. Source code and user login data for email-registered accounts were reportedly acquired and leaked.[241][242] Additionally, the previously deleted /qa/ board was restored.[243]

- June: Iran's state television service [IRIB](/source/Islamic_Republic_of_Iran_Broadcasting) experienced a [broadcast signal intrusion](/source/Broadcast_signal_intrusion) by Israeli hackers, who aired footage of women protesting against [the hijab](/source/Hijab) and cutting their hair.[244][245]

- July: [Elmo](/source/Elmo)'s X account was hacked and used to post antisemitic messages and call on President [Donald Trump](/source/Donald_Trump) to release the [Jeffrey Epstein client list](/source/Jeffrey_Epstein_client_list).[246]

## See also

- [List of cyberattacks](/source/List_of_cyberattacks)

- [List of data breaches](/source/List_of_data_breaches)

- [List of phishing incidents](/source/List_of_phishing_incidents)

## References

1. **[^](#cite_ref-1)** Marks, Paul (December 27, 2011). ["Dot-dash-diss: The gentleman hacker's 1904 lulz"](https://www.newscientist.com/article/mg21228440-700-dot-dash-diss-the-gentleman-hackers-1903-lulz/). *New Scientist*. Retrieved January 11, 2012.

1. **[^](#cite_ref-Davis_2-0)** Davis, Amanda. ["A History of Hacking - IEEE - The Institute"](https://web.archive.org/web/20150313222911/http://theinstitute.ieee.org/technology-focus/technology-history/a-history-of-hacking). *[IEEE](/source/IEEE)*. Archived from [the original](http://theinstitute.ieee.org/technology-focus/technology-history/a-history-of-hacking) on March 13, 2015. Retrieved July 1, 2017.

1. **[^](#cite_ref-3)** ["When did the term 'computer virus' arise?"](https://www.scientificamerican.com/article/when-did-the-term-compute/). *Scientific American*. Retrieved July 27, 2018.

1. **[^](#cite_ref-4)** Yagoda, Ben (March 6, 2014). ["A Short History of "Hack""](http://www.newyorker.com/tech/elements/a-short-history-of-hack). Retrieved July 22, 2017.

1. **[^](#cite_ref-5)** ["Hacking and Blue Boxes | The Story of Information"](https://infostory.com/2011/11/20/hacking-and-blue-boxes/). *Infostory.com*. November 20, 2011. Retrieved July 1, 2017.

1. **[^](#cite_ref-6)** Duarte, Gustavo (August 27, 2008). ["First Recorded Usage of "Hacker" - Gustavo Duarte"](http://duartes.org/gustavo/blog/post/first-recorded-usage-of-hacker/). *Duartes.org*. Retrieved July 1, 2017.

1. **[^](#cite_ref-7)** ["Archived copy"](https://web.archive.org/web/20160314083748/http://tech.mit.edu/V83/PDF/V83-N24.pdf) (PDF). Archived from [the original](http://tech.mit.edu/V83/PDF/V83-N24.pdf) (PDF) on March 14, 2016. Retrieved January 4, 2017.{{[cite web](https://en.wikipedia.org/wiki/Template:Cite_web)}}: CS1 maint: archived copy as title ([link](https://en.wikipedia.org/wiki/Category:CS1_maint:_archived_copy_as_title))

1. **[^](#cite_ref-8)** Corbató, Fernando J. (1991-03-05). ["Turing Lecture Paper: On Building Systems That Will Fail"](http://larch-www.lcs.mit.edu:8001/~corbato/turing91/). *Larch-www.lcs.mit.edu:8001*. Retrieved July 1, 2017.

1. **[^](#cite_ref-9)** ["IBM CTSS on 7094 Text Editor Password information disclosure"](https://vuldb.com/?id.67031). *VulDB*. Retrieved 2026-02-21.

1. **[^](#cite_ref-10)** McMillan, Robert (2012-01-27). ["The World's First Computer Password? It Was Useless Too"](https://www.wired.com/2012/01/computer-password/). *[WIRED](/source/Wired_(magazine))*. Retrieved July 1, 2017.

1. **[^](#cite_ref-11)** Falkoff, A. D. (December 1, 1991). "The Family of APL Systems". *IBM Systems Journal*. **30** (4): 416–432. [doi](/source/Doi_(identifier)):[10.1147/sj.304.0416](https://doi.org/10.1147%2Fsj.304.0416). [S2CID](/source/S2CID_(identifier)) [19030940](https://api.semanticscholar.org/CorpusID:19030940).

1. **[^](#cite_ref-12)** Rosenbaum, Ron (October 7, 2011). ["The article that inspired Steve Jobs: "Secrets of the Little Blue Box""](http://www.slate.com/articles/technology/the_spectator/2011/10/the_article_that_inspired_steve_jobs_secrets_of_the_little_blue_.html). *Slate*. Retrieved July 1, 2017.

1. **[^](#cite_ref-13)** ["The Memory Hole > The Missing Chapter from The Art of Deception by Kevin Mitnick"](https://web.archive.org/web/20090317050834/http://www.thememoryhole.org/lit/deception-ch1.htm). Archived from the original on March 17, 2009. Retrieved July 1, 2017.{{[cite web](https://en.wikipedia.org/wiki/Template:Cite_web)}}: CS1 maint: bot: original URL status unknown ([link](https://en.wikipedia.org/wiki/Category:CS1_maint:_bot:_original_URL_status_unknown))

1. ^ [***a***](#cite_ref-mclellan19810726_14-0) [***b***](#cite_ref-mclellan19810726_14-1) McLellan, Vin (July 26, 1981). ["Case of the Purloined Password"](https://www.nytimes.com/1981/07/26/business/case-of-the-purloined-password.html). *The New York Times*. Retrieved August 11, 2015.

1. **[^](#cite_ref-15)** ["The Greatest Hacks of All Time"](http://archive.wired.com/science/discoveries/news/2001/02/41630?currentPage=all). *WIRED*. February 6, 2001.

1. **[^](#cite_ref-drzmzu_16-0)** Elmer-DeWitt, Philip (August 29, 1983). ["The 414 Gang Strikes Again"](https://web.archive.org/web/20071202043840/http://www.time.com/time/magazine/article/0,9171,949797,00.html). *[Time](/source/Time_(magazine))*. p. 75. Archived from [the original](http://www.time.com/time/magazine/article/0,9171,949797,00.html) on December 2, 2007.

1. **[^](#cite_ref-iophas_17-0)** "Beware: Hackers at play". *Newsweek*. September 5, 1983. pp. 42–46, 48.

1. **[^](#cite_ref-18)** Van Creveld, M. (2013). [*Wargames: from gladiators to gigabytes*](http://search.ebscohost.com/login.aspx?direct=true&db=cat04202a&AN=ucb.b25151397&site=eds-live). Cambridge University Press.

1. **[^](#cite_ref-19)** ["Timeline: The U.S. Government and Cybersecurity"](https://www.washingtonpost.com/wp-dyn/articles/A50606-2002Jun26.html). *Washington Post*. 2002. Retrieved April 14, 2006.

1. **[^](#cite_ref-20)** Thompson, Ken (October 1983). ["Reflections on Trusting Trust"](http://www.acm.org/awards/article/a1983-thompson.pdf) (PDF). *1983 Turing Award Lecture*. [ACM](/source/Association_for_Computing_Machinery).

1. **[^](#cite_ref-21)** Cornwall, Hugo. (1986). *The hacker's handbook* (Rev. ed.). Alexandria, Minn.: E.A. Brown Co. [ISBN](/source/ISBN_(identifier)) [0-912579-06-4](https://en.wikipedia.org/wiki/Special:BookSources/0-912579-06-4). [OCLC](/source/OCLC_(identifier)) [21561291](https://search.worldcat.org/oclc/21561291).

1. **[^](#cite_ref-22)** ["2600: The Hacker Quarterly (Volume 2, Number 8, August 1985) | United States Postal Service | Telephone Tapping"](https://www.scribd.com/doc/34933732/2600-The-Hacker-Quarterly-Volume-2-Number-8-August-1985). *Scribd.com*. Retrieved July 1, 2017.

1. **[^](#cite_ref-23)** ["New Jersey Statute Directory - NJSA 2C:20-25 Computer criminal activity; degree of crime; sentencing"](http://nj-statute-info.com/getStatute.php?statute_id=1618). *Nj-statute-info.com*. Retrieved July 1, 2017.

1. **[^](#cite_ref-24)** ["TUCoPS :: Cyber Law :: psbust.txt"](https://web.archive.org/web/20150923174209/http://www.artofhacking.com/tucops/etc/law/live/aoh_psbust.htm). *Artofhacking.com*. Archived from [the original](http://www.artofhacking.com/tucops/etc/law/live/aoh_psbust.htm) on September 23, 2015. Retrieved July 1, 2017.

1. **[^](#cite_ref-25)** ["2600 Article"](https://web.archive.org/web/20120426005909/http://2600.wrepp.com/2600/article.php?i=128&a=1777). Archived from [the original](http://2600.wrepp.com/2600/article.php?i=128&a=1777) on April 26, 2012. Retrieved October 26, 2011.

1. ^ [***a***](#cite_ref-Shrivastava_26-0) [***b***](#cite_ref-Shrivastava_26-1) [***c***](#cite_ref-Shrivastava_26-2) Shrivastava, Akash (2024-09-27). ["Cyber Attacks and Data Breaches"](https://www.hackersvella.org/blog/post/cyber-attack-and-data-breaches). *HackersvellA*. Retrieved 2024-09-27.

1. **[^](#cite_ref-27)** "'Hacking' into Prestel is not a Forgery Act offence". *The Times*. 1987-07-21.

1. **[^](#cite_ref-28)** Stoll, Cliff (1989). [*The cuckoo's egg*](https://archive.org/details/cuckooseggtracki00stol). New York: Doubleday. [ISBN](/source/ISBN_(identifier)) [0-370-31433-6](https://en.wikipedia.org/wiki/Special:BookSources/0-370-31433-6).

1. **[^](#cite_ref-29)** Burger, R. (1988). *Computer viruses - a high tech disease*. Abacus/Data Becker Gmbh. [ISBN](/source/ISBN_(identifier)) [1-55755-043-3](https://en.wikipedia.org/wiki/Special:BookSources/1-55755-043-3).

1. **[^](#cite_ref-30)** Spafford, E.H. "The Internet Worm Program: An Analysis". *Purdue Technical Report CSD-TR-823*.

1. **[^](#cite_ref-31)** Eichin, M.W.; Rochlis, J.A. (1989). "With Microscope and Tweezers: An Analysis of the Internet Virus of November 1988". *MIT*.

1. **[^](#cite_ref-32)** John Markoff. ["Computer Intruder is Put on Probation and Fined"](https://www.nytimes.com/1990/05/05/us/computer-intruder-is-put-on-probation-and-fined-10000.html). *The New York Times*. The total fine ran to $13,326, which included a $10,000 fine, $50 special assessment, and $3,276 cost of probation oversight.

1. **[^](#cite_ref-33)** Bill Apro & Graeme Hammond (2005). *Hackers: The Hunt for Australia's Most Infamous Computer Cracker*. Five Mile Press. [ISBN](/source/ISBN_(identifier)) [1-74124-722-5](https://en.wikipedia.org/wiki/Special:BookSources/1-74124-722-5).

1. **[^](#cite_ref-34)** Easttom, C (2018). ["An Examination of the Operational Requirements of Weaponised Malware"](https://www.proquest.com/docview/2137386551). *Journal of Information Warfare*. **17**: 1–15. [ProQuest](/source/ProQuest) [2137386551](https://www.proquest.com/docview/2137386551).

1. **[^](#cite_ref-ripco_35-0)** Esquibel, Bruce (October 8, 1994). [""Operation Sundevil" is finally over for Dr. Ripco"](https://web.archive.org/web/20110810225717/http://w2.eff.org/legal/cases/SJG/?f=ripco_case_closed.article.txt). [Electronic Frontier Foundation](/source/Electronic_Frontier_Foundation). Archived from [the original](https://w2.eff.org/legal/cases/SJG/?f=ripco_case_closed.article.txt) on August 10, 2011. Retrieved March 8, 2009.

1. **[^](#cite_ref-36)** Poulsen, Kevin (January 21, 2000). ["The case of the kung fu 'phreak'"](https://www.zdnet.com/article/the-case-of-the-kung-fu-phreak/). *[ZDNet](/source/ZDNet)*. Retrieved May 12, 2015.

1. **[^](#cite_ref-emptimes11mar95_37-0)** ["Recent Large Name Phreaker Busts by Anonymous"](http://www.textfiles.com/magazines/EMPIRE/empire-7.phk). EmpireTimes. March 11, 1995.

1. **[^](#cite_ref-38)** Office, United States General Accounting (1996). [*Information Security: Computer Attacks at Department of Defense Pose Increasing Risks : Report to Congressional Requesters*](https://books.google.com/books?id=efKOYhSaz_wC&pg=PA2). The Office. p. 2.

1. **[^](#cite_ref-39)** United States Congress Senate Committee on Governmental Affairs Permanent Subcommittee on Investigations (1996). [*Security in Cyberspace: Hearings Before the Permanent Subcommittee on Investigations of the Committee on Governmental Affairs, United States Senate, One Hundred Fourth Congress, Second Session, May 22, June 5, 25, and July 16, 1996*](https://books.google.com/books?id=t-AUYV0YPsMC&pg=PA424). U.S. Government Printing Office. p. 424. [ISBN](/source/ISBN_(identifier)) [978-0-16-053913-8](https://en.wikipedia.org/wiki/Special:BookSources/978-0-16-053913-8).

1. **[^](#cite_ref-40)** Holt, Thomas J.; Bossler, Adam M.; Seigfried-Spellar, Kathryn C. (2017). [*Cybercrime and Digital Forensics: An Introduction*](https://books.google.com/books?id=7SA6DwAAQBAJ&pg=PT70). Routledge. [ISBN](/source/ISBN_(identifier)) [978-1-315-29695-1](https://en.wikipedia.org/wiki/Special:BookSources/978-1-315-29695-1).

1. **[^](#cite_ref-41)** Wang, Shuangbao Paul; Ledley, Robert S. (2013). [*Computer Architecture and Security: Fundamentals of Designing Secure Computer Systems*](https://books.google.com/books?id=b2P5DwAAQBAJ&pg=PA29). John Wiley & Sons. p. 29. [ISBN](/source/ISBN_(identifier)) [978-1-118-16881-3](https://en.wikipedia.org/wiki/Special:BookSources/978-1-118-16881-3).

1. **[^](#cite_ref-Young_and_Yung_96_42-0)** A. Young; [M. Yung](/source/Moti_Yung). ["Cryptovirology: Extortion-Based Security Threats and Countermeasures"](https://ieeexplore.ieee.org/document/502676). *IEEE Symposium on Security & Privacy, May 6–8, 1996*. pp. 129–141.

1. **[^](#cite_ref-43)** Committee on Information Systems Trustworthiness, National Research Council (1999). ["Trust in Cyberspace"](https://web.archive.org/web/20040313235420/http://www.nap.edu/html/trust/trust-1.htm). Archived from [the original](http://www.nap.edu/html/trust/trust-1.htm) on 13 March 2004.

1. **[^](#cite_ref-44)** ["Hackers jam Microsoft's site"](https://news.cnet.com/Hackers-jam-Microsofts-site/2100-1023_3-200788.html). 1997.

1. **[^](#cite_ref-45)** Associated Press (December 10, 1997). ["Hackers Leave Ransom Note on Yahoo Site"](https://www.latimes.com/archives/la-xpm-1997-dec-10-fi-62418-story.html). Retrieved May 19, 2017.

1. **[^](#cite_ref-46)** ["Pentagon Deflects Web Assault | WIRED"](http://archive.wired.com/politics/law/news/1998/09/14931). *Wired*. September 10, 1998. Retrieved July 1, 2017.

1. **[^](#cite_ref-47)** ["CNN - Embassy site hackers aimed to show its vulnerability - September 8, 1999"](https://web.archive.org/web/20030206011937/http://www.cnn.com/TECH/computing/9909/08/hack.folo/). *[CNN](/source/CNN)*. February 6, 2003. Archived from [the original](http://www.cnn.com/TECH/computing/9909/08/hack.folo/) on 2003-02-06.

1. **[^](#cite_ref-usdoj16sep99_48-0)** ["U.S. Department of Justice, For Immediate Release, Dallas, Texas"](https://web.archive.org/web/20090531153024/http://www.usdoj.gov/criminal/cybercrime/phonmast.htm). [USDOJ](/source/USDOJ). September 16, 1999. Archived from [the original](https://www.usdoj.gov/criminal/cybercrime/phonmast.htm) on May 31, 2009.

1. **[^](#cite_ref-49)** ["FBI sting snares top Russian crackers"](https://www.theregister.co.uk/2002/10/07/fbi_sting_snares_top_russian/). *[The Register](/source/The_Register)*.

1. **[^](#cite_ref-50)** ["Get Online Safety Resources from the National Cyber Security Alliance"](https://www.staysafeonline.org).

1. **[^](#cite_ref-51)** ["Police called after National Party website hacked"](https://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=3554851). *NZ Herald*. March 15, 2004.

1. **[^](#cite_ref-52)** ["North Korean hackers sabotage computer networks of South Korea"](https://web.archive.org/web/20070806085912/http://english.pravda.ru/world/20/91/366/14396_nkorea.html). [Pravda Online](/source/Pravda_Online). Archived from [the original](http://english.pravda.ru/world/20/91/366/14396_nkorea.html) on August 6, 2007. Retrieved October 14, 2008.

1. **[^](#cite_ref-53)** Lemos., Rob (April 11, 2005). ["Campaign seeks to defang Rafa's hacker image"](http://www.securityfocus.com/news/10868). *Security Focus*.

1. **[^](#cite_ref-54)** Krebs, Brian (September 13, 2005). ["Teen Pleads Guilty to Hacking Paris Hilton's Phone"](https://www.washingtonpost.com/wp-dyn/content/article/2005/09/13/AR2005091301423.html). *The Washington Post*. Retrieved September 13, 2009.

1. **[^](#cite_ref-vnunet_2145579_55-0)** Iain Thomson (November 4, 2005). ["FBI sting nets botnet hacker"](https://web.archive.org/web/20071220142959/http://www.vnunet.com/vnunet/news/2145579/fbi-arrest-botnet-master). vnunet.com. Archived from [the original](http://www.vnunet.com/vnunet/news/2145579/fbi-arrest-botnet-master) on December 20, 2007. Retrieved September 26, 2008.

1. ^ [***a***](#cite_ref-techweb.com_56-0) [***b***](#cite_ref-techweb.com_56-1) ["Botnet Herder Corralled; to Serve 57 Months - Security Technology News by TechWeb"](https://web.archive.org/web/20070927001108/http://www.techweb.com/wire/security/187201459). Archived from [the original](http://www.techweb.com/wire/security/187201459) on September 27, 2007. Retrieved May 3, 2007.

1. **[^](#cite_ref-57)** ["World Record : 404907 websites hacked by Iskorpitx (Turkish Hacker) !"](https://thehackernews.com/2010/12/world-record-404907-websites-hacked-by.html). *The Hacker News*. Retrieved 2022-05-01.

1. **[^](#cite_ref-58)** McMillan, Robert (September 24, 2010). ["Man gets 10 years for VoIP hacking"](https://www.computerworld.com/article/2516044/man-gets-10-years-for-voip-hacking.html). *Computerworld*. Retrieved May 27, 2019.

1. **[^](#cite_ref-59)** Kirk, Jeremy (May 17, 2007). ["Estonia recovers from massive denial-of-service attack"](https://web.archive.org/web/20131203004316/http://www.networkworld.com/news/2007/051707-estonia-recovers-from-massive-denial-of-service.html). *Network World*. Archived from [the original](http://www.networkworld.com/news/2007/051707-estonia-recovers-from-massive-denial-of-service.html) on December 3, 2013. Retrieved March 14, 2015.

1. **[^](#cite_ref-60)** Cooney, Michael (June 13, 2007). ["FBI: Operation Bot Roast finds over 1 million botnet victims"](https://web.archive.org/web/20131203013446/http://www.networkworld.com/community/node/16193). *Network World*. Archived from [the original](http://www.networkworld.com/community/node/16193) on December 3, 2013. Retrieved March 14, 2015.

1. **[^](#cite_ref-McMillan_61-0)** McMillan, Robert (June 21, 2007). ["Pentagon shuts down systems after cyberattack"](https://web.archive.org/web/20080706013512/http://www.infoworld.com/article/07/06/21/Pentagon-shuts-down-systems-after-cyberattack_1.html). *[InfoWorld](/source/InfoWorld)*. [IDG](/source/International_Data_Group). Archived from [the original](http://www.infoworld.com/article/07/06/21/Pentagon-shuts-down-systems-after-cyberattack_1.html) on July 6, 2008. Retrieved March 10, 2008.

1. **[^](#cite_ref-Aitoro_62-0)** Aitoro, Jill R. (March 5, 2008). ["Defense officials still concerned about data lost in 2007 network attack"](https://web.archive.org/web/20080310011808/http://www.govexec.com/story_page.cfm?articleid=39456). *Government Executive*. [National Journal Group](/source/National_Journal_Group). Archived from [the original](http://www.govexec.com/story_page.cfm?articleid=39456) on March 10, 2008. Retrieved March 10, 2008.

1. **[^](#cite_ref-63)** ["BMnin sitesi hacklendi haberi"](https://web.archive.org/web/20110930111801/http://www.internethaber.com/news_detail.php?id=99151). *Internethaber*. Archived from [the original](http://www.internethaber.com/news_detail.php?id=99151) on September 30, 2011. Retrieved March 14, 2015.

1. **[^](#cite_ref-64)** Gradijan, Dave (February 13, 2007). ["Eight Arrested for Creating Panda Burning Incense Virus"](https://www.csoonline.com/article/2121666/eight-arrested-for-creating-panda-burning-incense-virus.html). *CSO Online*. Retrieved July 20, 2019.

1. **[^](#cite_ref-cnn7mar08_65-0)** ["Chinese hackers: No site is safe"](http://edition.cnn.com/2008/TECH/03/07/china.hackers/index.html). CNN. March 7, 2008. Retrieved March 7, 2008.

1. **[^](#cite_ref-66)** Hoffman, Stefanie (March 14, 2008). ["Trend Micro Victim Of Malicious Hack"](http://www.crn.com/news/security/206903880/trend-micro-victim-of-malicious-hack.htm). *CRN*. Retrieved March 14, 2015.

1. **[^](#cite_ref-67)** Markoff, John (August 26, 2009). ["Defying Experts, Rogue Computer Code Still Lurks"](https://www.nytimes.com/2009/08/27/technology/27compute.html). *New York Times*. Retrieved August 27, 2009.

1. **[^](#cite_ref-googleblog_68-0)** ["A new approach to China"](http://googleblog.blogspot.com/2010/01/new-approach-to-china.html). Google Inc. January 12, 2010. Retrieved January 17, 2010.

1. **[^](#cite_ref-nyt-19stuxnet_69-0)** Broad, William J.; Sanger, David E. (November 18, 2010). ["Worm in Iran Can Wreck Nuclear Centrifuges"](https://www.nytimes.com/2010/11/19/world/middleeast/19stuxnet.html). *The New York Times*.

1. **[^](#cite_ref-70)** Kumar, Mohit (March 26, 2011). ["Thousands of Bank of America Accounts Hacked !"](http://thehackernews.com/2011/03/thousands-of-bank-of-america-accounts.html). *The Hacker News - Biggest Information Security Channel*. Retrieved March 14, 2015.

1. **[^](#cite_ref-71)** ["PlayStation data breach deemed in 'top 5 ever' - Business - CBC News"](https://www.cbc.ca/news/science/playstation-data-breach-deemed-in-top-5-ever-1.1059548). Cbc.ca. April 27, 2011. Retrieved April 29, 2011.

1. **[^](#cite_ref-72)** ["Is Department of Defense (DoD), Pentagon, NASA, NSA secure?"](http://thehackernews.com/2011/05/exclusive-report-is-department-of.html). *TheHackerNews*. May 14, 2011.

1. **[^](#cite_ref-73)** Kovacs, Eduard (September 26, 2011). ["700,000 InMotion Websites Hacked by TiGER-M@TE"](http://news.softpedia.com/news/700-000-InMotion-Websites-Hacked-by-TiGER-M-TE-223607.shtml). *softpedia*. Retrieved March 14, 2015.

1. **[^](#cite_ref-74)** John P. Mello Jr. ["Sesame Street Hacked, Porn Posted"](http://www.pcworld.com/article/242009/sesame_street_hacked_porn_posted.html). *[PC World](/source/PC_World_(magazine))*. Retrieved October 26, 2011.

1. **[^](#cite_ref-75)** Ashkar, Alaa (2 November 2011). ["PA Telecommunications minister: Palestinian Internet Under Hacking Attacks"](http://www.imemc.org/article/62409). [IMEMC](/source/IMEMC). Retrieved November 2, 2011.

1. **[^](#cite_ref-76)** Ashcraft, Brian (7 November 2011). ["Steam Forums Apparently Hacked"](https://kotaku.com/steam-forums-apparently-hacked-5856975). Kotaku.

1. **[^](#cite_ref-77)** Jonas Sverrisson Rasch. ["News article about the arrests of Noria"](http://www.dagbladet.no/2011/12/14/nyheter/innenriks/hackere/19420895/). *Dagbladet*. Retrieved December 14, 2012.

1. **[^](#cite_ref-78)** Flock, Elizabeth (January 3, 2012). ["Saudi hackers say they published Israeli credit card information"](https://www.washingtonpost.com/blogs/blogpost/post/saudi-hackers-say-they-published-israeli-credit-card-information/2012/01/03/gIQAkMIMYP_blog.html). *The Washington Post*.

1. **[^](#cite_ref-79)** Hopkins, Curt (January 6, 2012). ["Kosovo Hacker Threatens to Release 1 Million Israeli Credit Card Numbers"](https://web.archive.org/web/20140404195418/http://readwrite.com/2012/01/06/saudi_hacker_threatens_to_release_1_million_israel). Archived from the original on 4 April 2014.

1. **[^](#cite_ref-80)** ["Israeli hacker retaliates to credit card hacking"](https://www.bbc.co.uk/news/world-middle-east-16526067). *BBC News*. January 12, 2012.

1. **[^](#cite_ref-81)** ["Pirate Bay co-founder sentenced to 42 months in jail in Denmark"](https://www.reuters.com/article/us-piratebay-sentence-idUSKBN0IK1TL20141031). *Reuters*. 2014-10-31. Retrieved 2021-08-05.

1. **[^](#cite_ref-82)** Kripos. ["(Norwegian) Tre personer siktet for datainnbrudd"](https://web.archive.org/web/20130728112727/https://www.politi.no/aktuelt/nyhetsarkiv/2012_01/Nyhet_10828.xhtml). Kripos. Archived from [the original](https://www.politi.no/aktuelt/nyhetsarkiv/2012_01/Nyhet_10828.xhtml) on July 28, 2013. Retrieved April 25, 2012.

1. **[^](#cite_ref-83)** ["Marriott, Hack, Extortion, Arrest and important websites hacked"](http://it.slashdot.org/story/11/11/27/0240253/hacker-tries-to-land-it-job-at-marriott-via-extortion). February 3, 2012.

1. **[^](#cite_ref-84)** Garside, Juliette (February 9, 2012). ["Apple supplier Foxconn hacked in factory conditions protest"](https://www.theguardian.com/technology/2012/feb/09/apple-foxconn-hackers-factory-conditions). *The Guardian*. London.

1. **[^](#cite_ref-85)** ["Com.tr'ler nasıl hacklendi?"](https://www.cnnturk.com/2012/bilim.teknoloji/teknoloji/05/05/com.trler.nasil.hacklendi/659932.0/index.html). *CNNTurk*. May 4, 2012.

1. **[^](#cite_ref-86)** ["Türk hacker'lar com.tr uzantılı sitelere saldırdı"](https://www.hurriyet.com.tr/teknoloji/turk-hackerlar-com-tr-uzantili-sitelere-saldirdi-20486704). *Hurriyet*. May 4, 2012.

1. **[^](#cite_ref-87)** ["Nic.tr Sistemlerine Sızılınca, '.tr' Uzantılı Siteler Başka Yerlere Yönlendirildi"](https://turk-internet.com/nic-tr-sistemlerine-sizilinca-tr-uzantili-siteler-baska-yerlere-yonlendirildi/). *Turk-Internet*. May 4, 2012.

1. **[^](#cite_ref-88)** ["Google, Microsoft, Yandex, Paypal and important websites hacked Zone-H Mirror"](http://www.zone-h.org/archive/special=1/notifier=F0RTYS3V3N). May 4, 2012.

1. **[^](#cite_ref-89)** ["Jose Pagliery: The inside story of the biggest hack in history"](https://web.archive.org/web/20150808020211/http://money.cnn.com/2015/08/05/technology/aramco-hack/index.html). August 5, 2015. Archived from [the original](https://money.cnn.com/2015/08/05/technology/aramco-hack/index.html) on August 8, 2015. Retrieved August 19, 2012.

1. **[^](#cite_ref-90)** ["SCADA systems of 6 countries breached by Sl1nk"](https://web.archive.org/web/20160304091224/http://zerosecurity.org/2012/12/scada-systems-of-6-countries-breached-by-sl1nk). Archived from [the original](http://zerosecurity.org/2012/12/scada-systems-of-6-countries-breached-by-sl1nk) on March 4, 2016. Retrieved June 15, 2015.

1. **[^](#cite_ref-91)** ["Hackers Stole 65 Million Passwords From Tumblr, New Analysis Reveals - Motherboard"](https://www.vice.com/en/article/hackers-stole-68-million-passwords-from-tumblr-new-analysis-reveals/). *Motherboard.vice.com*. May 30, 2016. Retrieved July 1, 2017.

1. **[^](#cite_ref-92)** ["Yahoo 2013 data breach hit 'all accounts'"](https://www.bbc.com/news/business-41493494.amp). 3 October 2017.

1. **[^](#cite_ref-93)** ["The Inside Story of Mt. Gox, Bitcoin's $460 Million Disaster - WIRED"](https://www.wired.com/2014/03/bitcoin-exchange/). *WIRED*. March 3, 2014. Retrieved March 14, 2015.

1. **[^](#cite_ref-94)** ["White House computer network 'hacked' - BBC"](https://www.bbc.com/news/technology-29817644). *BBC*. October 29, 2014. Retrieved November 6, 2015.

1. **[^](#cite_ref-95)** Evan Perez; Shimon Prokupecz (April 8, 2015). ["How the U.S. thinks Russians hacked the White House"](https://edition.cnn.com/2015/04/07/politics/how-russians-hacked-the-wh/index.html). *CNN*. Retrieved December 17, 2016. Russian hackers behind the damaging cyber intrusion of the State Department in recent months used that perch to penetrate sensitive parts of the White House computer system, according to U.S. officials briefed on the investigation.

1. **[^](#cite_ref-96)** ["The Interview: A guide to the cyber attack on Hollywood"](https://www.bbc.com/news/entertainment-arts-30512032). *BBC News*. 2014-12-17. Retrieved 2026-03-16.

1. **[^](#cite_ref-97)** Caffier, Justin (2026-02-20). ["Former Sony Exec Says Obama Called Him After the Big Hack to Trash 'The Interview'"](https://gizmodo.com/former-sony-exec-says-obama-called-him-after-the-big-hack-to-trash-the-interview-2000724727). *Gizmodo*. Retrieved 2026-03-16.

1. **[^](#cite_ref-98)** Michael Angelo Santos. ["Globe Website was Hacked by Blood Sec Hackers"](http://www.coorms.com/2014/11/globe-website-was-hacked-by-bloodsec-hackers.html). *Coorms*.

1. **[^](#cite_ref-reuters20150709_99-0)** Zengerle, Patricia; Cassella, Megan (July 9, 2015). ["Estimate of Americans hit by government personnel data hack skyrockets"](https://www.reuters.com/article/us-cybersecurity-usa-idUSKCN0PJ2M420150709). *[Reuters](/source/Reuters)*. Retrieved July 9, 2015.

1. **[^](#cite_ref-wsj_100-0)** Barrett, Devlin (June 5, 2015). ["U.S. Suspects Hackers in China Breached About four (4) Million People's Records, Officials Say"](https://www.wsj.com/articles/u-s-suspects-hackers-in-china-behind-government-data-breach-sources-say-1433451888). *Wall Street Journal*. Retrieved June 5, 2015.

1. **[^](#cite_ref-npr_101-0)** Sanders, Sam (June 4, 2015). ["Massive Data Breach Puts 4 Million Federal Employees' Records At Risk"](https://www.npr.org/sections/thetwo-way/2015/06/04/412086068/massive-data-breach-puts-4-million-federal-employees-records-at-risk). *NPR*. Retrieved June 5, 2015.

1. **[^](#cite_ref-102)** ["ISIL-Linked Kosovo Hacker Sentenced to 20 Years in Prison"](https://www.justice.gov/opa/pr/isil-linked-kosovo-hacker-sentenced-20-years-prison). Justice Department of the United States. September 23, 2016.

1. **[^](#cite_ref-politico1_103-0)** Romm, Tony; Geller, Eric (21 October 2016). ["WikiLeaks supporters claim credit for massive U.S. cyberattack, but researchers skeptical"](https://www.politico.com/story/2016/10/websites-down-possible-cyber-attack-230145). *POLITICO*. Retrieved October 22, 2016.

1. **[^](#cite_ref-104)** Larson, Selena (November 22, 2017). ["Uber's massive hack: What we know"](https://web.archive.org/web/20171122215815/http://money.cnn.com/2017/11/22/technology/uber-hack-consequences-cover-up/index.html). *CNNMoney*. Archived from [the original](https://money.cnn.com/2017/11/22/technology/uber-hack-consequences-cover-up/index.html) on November 22, 2017. Retrieved June 20, 2019.

1. **[^](#cite_ref-105)** Mussa, Matthew (April 30, 2017). ["'The Dark Overlord', Netflix Hacker: 5 Fast Facts You Need to Know"](http://heavy.com/news/2017/04/netflix-hacker-thedarkoverlord-dark-overlord-hack-memes-orange-is-the-new-black/). *Heavy.com*. Retrieved July 1, 2017.

1. **[^](#cite_ref-106)** Brenner, Bill (May 16, 2017). ["WannaCry: the ransomware worm that didn't arrive on a phishing hook"](https://nakedsecurity.sophos.com/2017/05/17/wannacry-the-ransomware-worm-that-didnt-arrive-on-a-phishing-hook/). *Naked Security*. Retrieved May 18, 2017.

1. **[^](#cite_ref-107)** ["Cyber-attack: Europol says it was unprecedented in scale"](https://www.bbc.com/news/world-europe-39907965). *BBC News*. May 13, 2017. Retrieved May 18, 2017.

1. **[^](#cite_ref-108)** ["Disney hack: Ransom demanded for stolen film"](https://www.bbc.com/news/entertainment-arts-39933406). *BBC News*. 2017-05-16. Retrieved 2024-06-01.

1. ^ [***a***](#cite_ref-guardian-20170531_109-0) [***b***](#cite_ref-guardian-20170531_109-1) [***c***](#cite_ref-guardian-20170531_109-2) Hern, Alex. ["Hackers publish private photos from cosmetic surgery clinic | Technology"](https://www.theguardian.com/technology/2017/may/31/hackers-publish-private-photos-cosmetic-surgery-clinic-bitcoin-ransom-payments). *[The Guardian](/source/The_Guardian)*. Retrieved May 31, 2017.

1. **[^](#cite_ref-110)** ["Plastic surgery clinics hacked; 25,000 photos, data online"](http://www.seattletimes.com/nation-world/plastic-surgery-clinics-hacked-25000-photos-data-online/). *[The Seattle Times](/source/The_Seattle_Times)*. Retrieved May 31, 2017.

1. **[^](#cite_ref-111)** ["Plastic surgery clinics hacked; 25,000 photos, data online"](https://web.archive.org/web/20170531124102/https://abcnews.go.com/Technology/wireStory/plastic-surgery-clinics-hacked-25000-photos-data-online-47728631). *Abcnews.go.com*. Archived from [the original](https://abcnews.go.com/Technology/wireStory/plastic-surgery-clinics-hacked-25000-photos-data-online-47728631) on May 31, 2017. Retrieved May 31, 2017.

1. **[^](#cite_ref-112)** ["Global ransomware attack causes chaos"](https://www.bbc.com/news/technology-40416611). *BBC News*. June 27, 2017. Retrieved June 27, 2017.

1. **[^](#cite_ref-113)** Constantin, Lucian (April 10, 2019). ["Group behind TRITON industrial sabotage malware made more victims"](https://www.csoonline.com/article/3388228/group-behind-triton-industrial-sabotage-malware-made-more-victims.html). *CSO Online*. Retrieved July 17, 2019.

1. **[^](#cite_ref-114)** Glaser, April (8 August 2017). ["The HBO Hackers Are Demanding $7.5 Million to Stop Leaking Game of Thrones"](https://slate.com/technology/2017/08/hbo-hackers-want-7-5-million-to-stop-leaking-game-of-thrones.html). *Slate*.

1. **[^](#cite_ref-:0_115-0)** Haselton, Todd (September 7, 2017). ["Credit reporting firm Equifax says data breach could potentially affect 143 million US consumers"](https://www.cnbc.com/2017/09/07/credit-reporting-firm-equifax-says-cybersecurity-incident-could-potentially-affect-143-million-us-consumers.html). *cnbc.com*. Retrieved October 16, 2017.

1. **[^](#cite_ref-guardsep2017_116-0)** Hopkins, Nick (September 25, 2017). ["Deloitte hit by cyber-attack revealing clients' secret emails"](https://www.theguardian.com/business/2017/sep/25/deloitte-hit-by-cyber-attack-revealing-clients-secret-emails). *Theguardian.com*. Retrieved October 16, 2017.

1. **[^](#cite_ref-117)** Stack, Liam (December 6, 2017). ["North Carolina County Refuses to Pay $23,000 Ransom to Hackers"](https://www.nytimes.com/2017/12/06/us/mecklenburg-county-hackers.html). *The New York Times*. [ISSN](/source/ISSN_(identifier)) [0362-4331](https://search.worldcat.org/issn/0362-4331). Retrieved June 20, 2019.

1. **[^](#cite_ref-118)** McWhirter, Joseph De Avila and Cameron (23 March 2018). ["Atlanta Hit With Cyberattack"](https://www.wsj.com/articles/atlanta-hit-with-cyberattack-1521823062). *Wall Street Journal*. Retrieved June 20, 2019.

1. **[^](#cite_ref-119)** ["Two Iranians Indicted in Atlanta on Cyber Crime Charges"](https://www.wsj.com/articles/two-iranians-indicted-in-atlanta-on-cyber-crime-charges-1544044025). *Wall Street Journal*. Associated Press. 5 December 2018. Retrieved June 20, 2019.

1. **[^](#cite_ref-120)** Adams, Ian (May 1, 2018). ["Wasaga Beach town hall computers seized by hackers"](https://www.simcoe.com/news-story/8586806-wasaga-beach-town-hall-computers-seized-by-hackers/). *Simcoe.com*. Retrieved June 20, 2019.

1. **[^](#cite_ref-facebook_hacked_2018_09_28_nytimes_com_121-0)** ["Facebook Was Hacked. 3 Things You Should Do After the Breach"](https://www.nytimes.com/2018/09/28/business/facebook-was-hacked-here-are-3-things-you-should-do.html). *[New York Times](/source/New_York_Times)*. September 28, 2018. Retrieved April 15, 2021. The social networking giant said attackers had exploited a weakness that enabled them to hijack the accounts of nearly 50 million users. Here are some tips for securing your account

1. **[^](#cite_ref-facebook_says_2018_10_12_foxnews_com_122-0)** ["Facebook says hackers accessed phone numbers, email addresses as part of latest breach"](https://www.foxnews.com/tech/facebook-says-hackers-accessed-phone-numbers-email-addresses-as-part-of-latest-breach). *Fox News*. October 12, 2018. Retrieved April 15, 2021.

1. **[^](#cite_ref-123)** Rondinone, Nicholas (19 October 2018). ["Hackers Target Connecticut City, Force Officials To Pay $2,000 Ransom"](https://www.courant.com/breaking-news/hc-br-west-haven-cyber-attack-ransomware20181019-story.html). *courant.com*. Retrieved June 20, 2019.

1. **[^](#cite_ref-124)** ["Feds indict ransomware hackers of Allscripts, others"](https://www.modernhealthcare.com/article/20181129/NEWS/181129923/feds-indict-ransomware-hackers-of-allscripts-others). *Modern Healthcare*. November 29, 2018. Retrieved June 20, 2019.

1. **[^](#cite_ref-125)** Cimpanu, Catalin. ["Georgia county pays a whopping $400,000 to get rid of a ransomware infection"](https://www.zdnet.com/article/georgia-county-pays-a-whopping-400000-to-get-rid-of-a-ransomware-infection/). *ZDNet*. Retrieved June 20, 2019.

1. **[^](#cite_ref-126)** ["City of Albany experiences cyber attack"](http://cbs6albany.com/news/local/city-of-albany-experiences-cyber-attack). *WRGB*. March 30, 2019. Retrieved June 20, 2019.

1. **[^](#cite_ref-127)** Moench, Mallory (March 31, 2019). ["Albany cyber attack affecting records, police"](https://www.timesunion.com/news/article/Albany-police-can-t-access-scheduling-system-13730578.php). *Times Union*. Retrieved June 20, 2019.

1. **[^](#cite_ref-128)** ["Augusta city offices hit by computer virus"](https://www.newscentermaine.com/article/news/local/augusta-city-offices-hit-by-computer-virus/97-2e380b61-5e75-4627-b8a1-b3b3af6e23e2). *Newscentermaine.com*. 20 April 2019. Retrieved June 20, 2019.

1. **[^](#cite_ref-129)** ["Hacker wanted more than $100K to restore Maine city's computers"](https://bangordailynews.com/2019/04/29/news/augusta/hacker-wanted-more-than-100k-to-restore-maine-citys-computers/). *Bangor Daily News*. 29 April 2019. Retrieved June 20, 2019.

1. **[^](#cite_ref-130)** ["FBI now investigating "RobinHood" ransomware attack on Greenville computers"](https://www.witn.com/content/news/Greenville-city-computers-shut-down-after-virus-attack-508373251.html). *www.witn.com*. 10 April 2019. Retrieved June 20, 2019.

1. **[^](#cite_ref-bleeping_131-0)** ["A Closer Look at the RobbinHood Ransomware"](https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/). *BleepingComputer*.

1. **[^](#cite_ref-132)** Shalby, Colleen (April 18, 2019). ["Ryuk malware hacked a county government website. It's been down for 6 days"](https://www.latimes.com/local/lanow/la-me-imperial-county-website-down-20190418-story.html). *[Los Angeles Times](/source/Los_Angeles_Times)*. Retrieved June 20, 2019.

1. **[^](#cite_ref-133)** Chokshi, Niraj (May 22, 2019). ["Hackers Are Holding Baltimore Hostage: How They Struck and What's Next"](https://www.nytimes.com/2019/05/22/us/baltimore-ransomware.html). *The New York Times*. [ISSN](/source/ISSN_(identifier)) [0362-4331](https://search.worldcat.org/issn/0362-4331). Retrieved June 20, 2019.

1. **[^](#cite_ref-134)** Campbell, Ian Duncan, Colin (7 May 2019). ["Baltimore city government computer network hit by ransomware attack"](https://www.baltimoresun.com/politics/bs-md-ci-it-outage-20190507-story.html). *baltimoresun.com*. Retrieved June 20, 2019.{{[cite web](https://en.wikipedia.org/wiki/Template:Cite_web)}}: CS1 maint: multiple names: authors list ([link](https://en.wikipedia.org/wiki/Category:CS1_maint:_multiple_names:_authors_list))

1. **[^](#cite_ref-135)** Zhang, Ian Duncan, Christine. ["Analysis of ransomware used in Baltimore attack indicates hackers needed 'unfettered access' to city computers"](https://www.baltimoresun.com/politics/bs-md-ci-ransomware-attack-20190517-story.html). *baltimoresun.com*. Retrieved June 20, 2019.{{[cite news](https://en.wikipedia.org/wiki/Template:Cite_news)}}: CS1 maint: multiple names: authors list ([link](https://en.wikipedia.org/wiki/Category:CS1_maint:_multiple_names:_authors_list))

1. **[^](#cite_ref-136)** Kamp, Scott Calvert and Jon (7 June 2019). ["Hackers Won't Let Up in Their Attack on U.S. Cities"](https://www.wsj.com/articles/u-s-cities-strain-to-fight-hackers-11559899800). *Wall Street Journal*. Retrieved June 20, 2019.

1. **[^](#cite_ref-137)** Karimi, Faith (20 June 2019). ["Florida city to pay $600K ransom to hacker who seized computer systems weeks ago"](https://www.cnn.com/2019/06/20/us/riviera-beach-to-pay-hacker/index.html). *CNN*. Retrieved June 20, 2019.

1. **[^](#cite_ref-138)** ["Radiohead releases 'OK Computer' sessions that hacker tried to ransom"](https://nakedsecurity.sophos.com/2019/06/12/radiohead-releases-ok-computer-sessions-that-hacker-tried-to-ransom/). *Naked Security*. June 12, 2019. Retrieved June 20, 2019.

1. **[^](#cite_ref-139)** Aaron (November 19, 2019). ["Anonymous Hacks China As Chinese Military Moves On Hong Kong, Students Trapped at Polytechnic University"](https://www.activistpost.com/2019/11/anonymous-hacks-china-as-chinese-military-moves-on-hong-kong-students-trapped-at-polytechnic-university.html). *Activist Post*. Retrieved August 25, 2020.

1. **[^](#cite_ref-140)** ["Variety"](https://variety.com/2020/digital/news/anonymous-hackers-minneapolis-police-department-website-george-floyd.). 26 September 2023.

1. **[^](#cite_ref-141)** Jaiswal, Priya (May 6, 2020). ["UP: 23-year-old man poses as police official to get mobile phone repaired, lands in lockup"](https://www.indiatvnews.com/news/india/uttar-pradesh-azamgarh-23-year-old-man-poses-police-official-mobile-phone-repair-614583). *www.indiatvnews.com*. Retrieved August 14, 2020.

1. **[^](#cite_ref-142)** ["Anonymous Stole and Leaked a Megatrove of Police Documents"](https://www.wired.com/story/blueleaks-anonymous-law-enforcement-hack/). *Wired*. Retrieved June 26, 2020.

1. **[^](#cite_ref-143)** ["An Interview With Anonymous - George Floyd Protests, Hacks, And Press Freedom"](https://www.activistpost.com/2020/06/an-interview-with-anonymous-george-floyd-protests-hacks-and-press-freedom.html). *Activist Post*. June 23, 2020. Retrieved June 26, 2020.

1. **[^](#cite_ref-144)** ["Anonymous Strike Back At Buffalo PD After Shoving Incident"](https://www.hotnewhiphop.com/271238-anonymous-strike-back-at-buffalo-pd-after-shoving-incident-news). *HotNewHipHop*. 6 June 2020. Retrieved June 6, 2020.

1. **[^](#cite_ref-145)** ["@GroupAnon: "#TangoDown again. Those lasers are firing hot.""](https://twitter.com/groupanon/status/1269351212043902976). *Twitter*. Retrieved June 6, 2020.

1. **[^](#cite_ref-146)** ["Anonymous hack Chicago police radios to play NWA's 'Fuck Tha Police'"](https://www.nme.com/news/music/anonymous-hack-chicago-police-radios-to-play-nwas-fuck-tha-police-2680017). *NME Music News, Reviews, Videos, Galleries, Tickets and Blogs | NME.COM*. June 1, 2020. Retrieved June 26, 2020.

1. **[^](#cite_ref-147)** ["Roblox accounts hacked to support Donald Trump"](https://www.bbc.com/news/technology-53236050). *BBC News*. June 30, 2020. Retrieved August 13, 2020.

1. **[^](#cite_ref-148)** ["Wattpad data breach exposes account info for millions of users"](https://www.bleepingcomputer.com/news/security/wattpad-data-breach-exposes-account-info-for-millions-of-users/). *BleepingComputer*. Retrieved August 14, 2020.

1. **[^](#cite_ref-149)** ["Pakistan news channel Dawn hacked, screen shows Indian tricolour; probe launched"](https://indianexpress.com/article/pakistan/pakistan-news-channel-dawn-hacked-screen-shows-indian-tricolour-6537093/). *The Indian Express*. 2020-08-03. [Archived](https://web.archive.org/web/20230623222134/https://indianexpress.com/article/pakistan/pakistan-news-channel-dawn-hacked-screen-shows-indian-tricolour-6537093/) from the original on 23 June 2023. Retrieved 2024-07-19.

1. **[^](#cite_ref-150)** ["Pakistan's Dawn news channel hacked, Indian flag with 'Happy Independence Day' message flashed"](https://www.moneycontrol.com/news/world/pakistans-dawn-news-channel-hacked-indian-flag-with-happy-independence-day-message-flashed-5638411.html). *Money Control*. 3 August 2020. p. 1. [Archived](https://web.archive.org/web/20221001060358/https://www.moneycontrol.com/news/world/pakistans-dawn-news-channel-hacked-indian-flag-with-happy-independence-day-message-flashed-5638411.html) from the original on 1 October 2022.

1. **[^](#cite_ref-151)** ["WATCH: Pakistan News Channel 'Dawn' Hacked; Indian Tricolour, Happy Independence Day Message Displayed"](https://news.abplive.com/news/world/pakistan-news-channel-dawn-hacked-hackers-display-indian-tricolour-happy-independence-day-message-1301945). *ABP Live*. 2020-08-03. [Archived](https://web.archive.org/web/20210126083337/https://news.abplive.com/news/world/pakistan-news-channel-dawn-hacked-hackers-display-indian-tricolour-happy-independence-day-message-1301945) from the original on 26 January 2021. Retrieved 2024-07-19.

1. **[^](#cite_ref-152)** ["ڈان نیوز چینل پر ہیکرز کا حملہ، اسکرین پر بھارتی ترنگا لہرانے کی تحقیقات"](https://www.dawnnews.tv/news/1138677) [Hacker attack on Dawn news channel, investigation into hoisting of Indian tricolor on screen]. *Dawn News Urdu* (in Urdu). 2020-08-02. [Archived](https://web.archive.org/web/20240621182916/https://www.dawnnews.tv/news/1138677/) from the original on 21 June 2024. Retrieved 2024-07-19.

1. **[^](#cite_ref-153)** ["Everything We Know About the Reddit Hack, Including Who Is Claiming Responsibility"](https://www.newsweek.com/everything-we-know-about-reddit-hack-1523704). *Newsweek*. 7 August 2020. Retrieved August 11, 2020.

1. **[^](#cite_ref-154)** ["Einmal zum Mond und wieder zurück – Hacker der Hochschule Bonn-Rhein erfolgreich beim Hack-A-Sat"](https://idw-online.de/de/news752398). *idw-online.de* (in German). Retrieved August 16, 2020.

1. **[^](#cite_ref-155)** ["The Race to Hack a Satellite at DEF CON"](https://www.darkreading.com/application-security/the-race-to-hack-a-satellite-at-def-con/d/d-id/1338657). *Dark Reading*. 13 August 2020. Retrieved August 16, 2020.

1. **[^](#cite_ref-156)** ["Гостевая книга (Actual archive of defaced page)"](https://web.archive.org/web/20200818162750/http://www.bresttorg.by/guestbook/guestbook.php). August 18, 2020. Archived from [the original](http://www.bresttorg.by/guestbook/guestbook.php) on 2020-08-18. Retrieved August 25, 2020.

1. **[^](#cite_ref-157)** Farrer, Martin (26 August 2020). ["New Zealand stock exchange hit by cyber attack for second day"](https://www.theguardian.com/technology/2020/aug/26/new-zealand-stock-exchange-hit-by-cyber-attack-for-second-day). *The Guardian*. Retrieved 11 September 2020.

1. **[^](#cite_ref-158)** Eddy, Melissa; Perlroth, Nicole (18 September 2020). ["Cyber Attack Suspected in German Woman's Death"](https://www.nytimes.com/2020/09/18/world/europe/cyber-attack-germany-ransomeware-death.html). *The New York Times*. Retrieved 19 September 2020.

1. **[^](#cite_ref-NYT20201028_159-0)** Perlroth, Nicole (2020-10-28). ["Officials Warn of Cyberattacks on Hospitals as Virus Cases Spike: Government officials warned that hackers were seeking to hold American hospitals' data hostage in exchange for ransom payments"](https://www.nytimes.com/2020/10/28/us/hospitals-cyberattacks-coronavirus.html). The Coronavirus Outbreak. *[The New York Times](/source/The_New_York_Times)*. [Archived](https://web.archive.org/web/20201103005351/https://www.nytimes.com/2020/10/28/us/hospitals-cyberattacks-coronavirus.html) from the original on 2020-11-03.

1. **[^](#cite_ref-NYT20201012_160-0)** [Sanger, David E.](/source/David_E._Sanger); Perlroth, Nicole (2020-10-12). ["Microsoft Takes Down a Risk to the Election, and Finds the U.S. Doing the Same: Fearing Russian ransomware attacks on the election, the company and U.S. Cyber Command mounted similar pre-emptive strikes. It is not clear how long they may work"](https://www.nytimes.com/2020/10/12/us/politics/election-hacking-microsoft.html). US Politics. *[The New York Times](/source/The_New_York_Times)* (October 21, 2020 ed.). [Archived](https://web.archive.org/web/20201104020855/https://www.nytimes.com/2020/10/12/us/politics/election-hacking-microsoft.html) from the original on 2020-11-04.

1. **[^](#cite_ref-60Min20201129_161-0)** [Krebs, Christopher Cox](/source/Chris_Krebs) (2020-11-29). ["Fired director of U.S. cyber agency Chris Krebs explains why President Trump's claims of election interference are false"](https://www.cbsnews.com/news/election-results-security-chris-krebs-60-minutes-2020-11-29/). In [Pelley, Scott Cameron](/source/Scott_Pelley) (ed.). [*60 Minutes*](/source/60_Minutes). Season 53. Episode 13. Event occurs at 11:30. [CBS](/source/CBS). [Archived](https://web.archive.org/web/20201202060053/https://www.cbsnews.com/news/election-results-security-chris-krebs-60-minutes-2020-11-29/) from the original on 2020-12-02. It was quiet. There was no indication or evidence that there was any sort of hacking or compromise of election systems on, before, or after November third.

1. **[^](#cite_ref-162)** Bing, Christopher (13 December 2020). ["Suspected Russian hackers spied on U.S. Treasury emails - sources"](https://www.reuters.com/article/us-usa-cyber-amazon-com-exclsuive/u-s-treasury-breached-by-hackers-backed-by-foreign-government-sources-idUSKBN28N0PG). *Reuters*.

1. **[^](#cite_ref-163)** ArcTitan (2021-02-21). ["U.S. Treasury Hit by Email Hacks"](https://www.arctitan.com/blog/u-s-treasury-hit-by-email-hacks/). *ArcTitan*. Retrieved 2021-03-16.

1. **[^](#cite_ref-164)** @nyc311 (December 6, 2020). ["New York City 311's tweet responding to the bomb threat"](https://web.archive.org/web/20201206185941/https://twitter.com/nyc311/status/1335659290846244867) ([Tweet](/source/Tweet_(social_media))). Archived from [the original](https://twitter.com/nyc311/status/1335659290846244867) on 6 December 2020 – via [Twitter](/source/Twitter).

1. **[^](#cite_ref-165)** ["Plane Lands Safely at JFK Airport After Report of Bomb Threat: Officials"](https://www.nbcnewyork.com/news/local/plane-lands-safely-at-jfk-airport-after-report-of-bomb-threat-officials/2764208/). *NBC New York*. 6 December 2020. Retrieved 12 December 2020.

1. **[^](#cite_ref-166)** Helen Coffey (7 December 2020). ["Flight to New York evacuated after bomb threat"](https://www.independent.co.uk/travel/news-and-advice/flight-evacuated-bomb-threat-russia-new-york-b1767353.html). *independent.co.uk*. [The Independent](/source/The_Independent). Retrieved 7 May 2024.

1. **[^](#cite_ref-167)** ["Anonymous claims hacking of multiple Russian websites to deliver a 'Christmas Gift'"](https://web.archive.org/web/20201228180104/https://webcache.googleusercontent.com/search?q=cache%3ACfxbYun5tWwJ%3Ahttps%3A%2F%2Fwww.dailykos.com%2Fstory%2F2020%2F12%2F28%2F2004491%2F-Anonymous-claims-hacking-of-multiple-Russian-websites-to-deliver-a-Christmas-Gift+). Daily Kos. 28 December 2020. Archived from [the original](https://www.dailykos.com/story/2020/12/28/2004491/-Anonymous-claims-hacking-of-multiple-Russian-websites-to-deliver-a-Christmas-Gift) on 2020-12-28. Retrieved 29 December 2020.

1. **[^](#cite_ref-168)** ["'Anonymous Malaysia' hackers say they defaced five government websites | Coconuts KL"](https://coconuts.co/kl/news/anonymous-malaysia-hackers-say-they-defaced-five-government-websites/). *Coconuts*. 1 February 2021. Retrieved 19 February 2021.

1. **[^](#cite_ref-169)** Ar, Zurairi (25 January 2021). ["Hacktivist group Anonymous Malaysia resurfaces, vows cyber-attack against govt over data breaches | Malay Mail"](https://www.malaymail.com/news/malaysia/2021/01/25/hacktivist-group-anonymous-malaysia-resurfaces-vows-cyber-attack-against-go/1943943). *www.malaymail.com*. Retrieved 19 February 2021.

1. **[^](#cite_ref-170)** Cimpanu, Catalin. ["Malaysia arrests 11 suspects for hacking government sites"](https://www.zdnet.com/article/malaysia-arrests-11-suspects-for-hacking-government-sites/). *ZDNet*. Retrieved 19 February 2021.

1. **[^](#cite_ref-171)** ["11 suspects of 'Anonymous Malaysia' hacker group nabbed | The Star"](https://www.thestar.com.my/news/nation/2021/02/18/11-suspects-of-039anonymous-malaysia039-hacker-group-nabbed). *www.thestar.com.my*. 18 February 2021. Retrieved 19 February 2021.

1. **[^](#cite_ref-172)** ["Myanmar Hackers Take Down Military-Run Websites"](https://www.irrawaddy.com/news/burma/myanmar-hackers-take-military-run-websites.html). *The Irrawaddy*. 17 February 2021. Retrieved 19 February 2021.

1. **[^](#cite_ref-173)** Mehrotra, Kartikay; Turton, William (20 May 2021). ["CNA Financial Paid $40 Million in Ransom After March Cyberattack"](https://www.bloomberg.com/news/articles/2021-05-20/cna-financial-paid-40-million-in-ransom-after-march-cyberattack). *www.bloomberg.com*. [Archived](https://web.archive.org/web/20210520225018/https://www.bloomberg.com/news/articles/2021-05-20/cna-financial-paid-40-million-in-ransom-after-march-cyberattack) from the original on 20 May 2021. Retrieved 30 November 2021.

1. ^ [***a***](#cite_ref-:1_174-0) [***b***](#cite_ref-:1_174-1) Abrams, Lawrence (25 March 2021). ["Insurance giant CNA hit by new Phoenix CryptoLocker ransomware"](https://www.bleepingcomputer.com/news/security/insurance-giant-cna-hit-by-new-phoenix-cryptolocker-ransomware/). *BleepingComputer*. [Archived](https://web.archive.org/web/20210325183052/https://www.bleepingcomputer.com/news/security/insurance-giant-cna-hit-by-new-phoenix-cryptolocker-ransomware/) from the original on 25 March 2021. Retrieved 30 November 2021.

1. **[^](#cite_ref-175)** ["CNA pays $40 million ransom to lift malware from its systems"](https://www.insurancebusinessmag.com/us/news/cyber/cna-pays-40-million-ransom-to-lift-malware-from-its-systems-255714.aspx). *www.insurancebusinessmag.com*. Retrieved 2023-06-18.

1. **[^](#cite_ref-facebook_hacked_2021_04_05_ktnv_com_176-0)** ["Cybersecurity: Millions of Facebook accounts hacked"](https://www.ktnv.com/news/national/cybersecurity-millions-of-facebook-accounts-hacked). *[KTNV-TV](/source/KTNV-TV), [Las Vegas, Nevada](/source/Las_Vegas%2C_Nevada)*. April 5, 2021. Retrieved April 15, 2021.

1. **[^](#cite_ref-facebook_users_2021_04_05_fox5sandiego_com_177-0)** ["Facebook hack How to find out if you were one of the 533 million Facebook users hacked"](https://fox5sandiego.com/news/tech/533-million-facebook-users-were-hacked-how-to-find-out-if-you-were-one-of-them/). *Fox5 TV, [San Diego, California](/source/San_Diego%2C_California)*. 2021-04-05. Retrieved April 15, 2021.

1. **[^](#cite_ref-facebook_data_breach_2021_04_13_timesofindia_com_178-0)** ["2021-04-13 Facebook data breach explained: How the world's largest social media platform got hacked"](https://timesofindia.indiatimes.com/videos/news/facebook-data-breach-explained-how-the-worlds-largest-social-media-platform-got-hacked/videoshow/82029617.cms). *[Times of India](/source/Times_of_India)*. April 13, 2021. Retrieved April 15, 2021.

1. **[^](#cite_ref-179)** Shrivastava, Akash (2024-09-27). ["Cyber Attacks and Data breaches"](https://www.hackersvella.org/blog/post/cyber-attack-and-data-breaches). *HackersvellA*. Retrieved 2024-09-27.

1. **[^](#cite_ref-180)** Goodin, Dan (30 April 2021). ["More US agencies potentially hacked, this time with Pulse Secure exploits"](https://arstechnica.com/gadgets/2021/04/more-us-agencies-potentially-hacked-this-time-with-pulse-secure-exploits/). *Ars Technica*. Retrieved 9 May 2021.

1. **[^](#cite_ref-181)** ["Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day"](https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html). *FireEye*. Retrieved 9 May 2021.

1. **[^](#cite_ref-182)** ["Cyber attack shuts down U.S. fuel pipeline 'jugular,' Biden briefed"](https://www.reuters.com/technology/colonial-pipeline-halts-all-pipeline-operations-after-cybersecurity-attack-2021-05-08/). *Reuters*. 2021-05-08. Retrieved 13 June 2021.

1. **[^](#cite_ref-183)** ["Explained: What is the data breach that has hit Air India customers?"](https://indianexpress.com/article/explained/air-india-sita-data-breach-explained-7325501/). *The Indian Express*. 2021-05-22. Retrieved 2021-05-23.

1. **[^](#cite_ref-184)** ["Air India cyberattack: Personal data of over 4.5 million passengers leaked"](https://www.irishtimes.com/news/world/asia-pacific/air-india-cyberattack-personal-data-of-over-4-5-million-passengers-leaked-1.4572596). *The Irish Times*. Retrieved 2021-05-23.

1. **[^](#cite_ref-185)** ["Saudi Aramco confirms data leak after $50 million cyber ransom demand"](https://arstechnica.com/information-technology/2021/07/saudi-aramco-confirms-data-leak-after-50-million-cyber-ransom-demand/). *ARS Technica*. 2021-07-22. Retrieved 2021-07-22.

1. **[^](#cite_ref-186)** ["Hackers reportedly demand $50m from Saudi Aramco over data leak"](https://www.bbc.com/news/business-57924355). *BBC*. 2021-07-22.

1. **[^](#cite_ref-187)** ["Saudi Aramco Confirms Data Leak After Reported Cyber Ransom"](https://www.bloomberg.com/news/articles/2021-07-21/saudi-aramco-confirms-data-leak-after-reported-cyber-extortion). *bloomberg*. 2021-07-22.

1. **[^](#cite_ref-188)** - ["T‑Mobile Shares Updated Information Regarding Ongoing Investigation into Cyberattack | T‑Mobile Newsroom"](https://www.t-mobile.com/news/network/additional-information-regarding-2021-cyberattack-investigation). *T-Mobile Newsroom*. - Krebs, Brian (27 August 2021). ["T-Mobile: Breach Exposed SSN/DOB of 40M+ People – Krebs on Security"](https://krebsonsecurity.com/2021/08/t-mobile-breach-exposed-ssn-dob-of-40m-people/). - Vaas, Lisa. ["T-Mobile: >40 Million Customers' Data Stolen"](https://threatpost.com/t-mobile-40-million-customers-data-stolen/168778/). *threatpost.com*. - Hill, Michael (27 August 2021). ["The T-Mobile data breach: A timeline"](https://www.csoonline.com/article/3630093/the-t-mobile-data-breach-a-timeline.html). *CSO Online*.

1. ^ [***a***](#cite_ref-:3_189-0) [***b***](#cite_ref-:3_189-1) Goforth, Claire (September 14, 2021). ["Anonymous to release massive data set of the far-right's preferred web hosting company"](https://www.dailydot.com/debug/anonymous-hack-far-right-web-host-epik/). *[The Daily Dot](/source/The_Daily_Dot)*. Retrieved September 14, 2021.

1. **[^](#cite_ref-:6_190-0)** Cimpanu, Catalin (September 15, 2021). ["Anonymous hacks and leaks data from domain registrar Epik"](https://therecord.media/anonymous-hacks-and-leaks-data-from-domain-registrar-epik/). *[The Record by Recorded Future](/source/The_Record_by_Recorded_Future)*. Retrieved September 16, 2021.

1. **[^](#cite_ref-:2_191-0)** Thalen, Mikael (September 29, 2021). ["New leak of Epik data exposes company's entire server"](https://www.dailydot.com/debug/anonymous-new-epik-leak/). *[The Daily Dot](/source/The_Daily_Dot)*. Retrieved September 29, 2021.

1. **[^](#cite_ref-:4_192-0)** Thalen, Mikael (October 4, 2021). ["Anonymous releases data on Texas GOP in latest Epik hack dump"](https://www.dailydot.com/debug/anonymous-texas-gop-epik/). *[The Daily Dot](/source/The_Daily_Dot)*. Retrieved October 4, 2021.

1. **[^](#cite_ref-193)** Warren, Tom (2021-10-06). ["Twitch source code and creator payouts part of massive leak"](https://www.theverge.com/2021/10/6/22712250/twitch-hack-leak-data-streamer-revenue-steam-competitor). *The Verge*. Retrieved 2021-10-07.

1. **[^](#cite_ref-194)** Browning, Kellen (2021-10-06). ["A 'potentially disastrous' data breach hits Twitch, the livestreaming site"](https://www.nytimes.com/2021/10/06/technology/twitch-data-breach.html). *The New York Times*. [ISSN](/source/ISSN_(identifier)) [0362-4331](https://search.worldcat.org/issn/0362-4331). Retrieved 2021-10-07.

1. **[^](#cite_ref-lunasec_195-0)** Wortley, Free; Thrompson, Chris; Allison, Forrest (9 December 2021). ["Log4Shell: RCE 0-day exploit found in log4j 2, a popular Java logging package"](https://www.lunasec.io/docs/blog/log4j-zero-day/). *LunaSec*. Retrieved 12 December 2021.

1. **[^](#cite_ref-196)** ["CVE-2021-44228"](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228). *Common Vulnerabilities and Exposures*. Retrieved 12 December 2021.

1. ^ [***a***](#cite_ref-Log4Shell,_Bloomberg_197-0) [***b***](#cite_ref-Log4Shell,_Bloomberg_197-1) [***c***](#cite_ref-Log4Shell,_Bloomberg_197-2) [***d***](#cite_ref-Log4Shell,_Bloomberg_197-3) Turton, William; Gillum, Jack; Robertson, Jordan. ["Inside the Race to Fix a Potentially Disastrous Software Flaw"](https://www.bloomberg.com/news/articles/2021-12-13/how-apache-raced-to-fix-a-potentially-disastrous-software-flaw). *www.bloomberg.com*.

1. **[^](#cite_ref-Duckett2021_198-0)** Duckett, Chris. ["Log4j RCE activity began on December 1 as botnets start using vulnerability"](https://www.zdnet.com/article/log4j-rce-activity-began-on-december-1-as-botnets-start-using-vulnerability/). *ZDNet*. Cisco Talos said in a blog post that it observed activity for the vulnerability known as CVE-2021-44228 from December 2, and those looking for indicators of compromise should extend their searches to at least that far back.

1. ^ [***a***](#cite_ref-Berger2021_199-0) [***b***](#cite_ref-Berger2021_199-1) Berger, Andreas (17 December 2021). ["What is Log4Shell? The Log4j vulnerability explained (and what to do about it)"](https://www.dynatrace.com/news/blog/what-is-log4shell/). *Dynatrace news*.

1. **[^](#cite_ref-200)** Prince, Matthew. ["Tweet"](https://twitter.com/eastdakota/status/1469800951351427073). *Twitter*. Earliest evidence we've found so far of #Log4J exploit is 2021-12-01 04:36:50 UTC. That suggests it was in the wild at least 9 days before publicly disclosed. However, don't see evidence of mass exploitation until after public disclosure.

1. **[^](#cite_ref-201)** The top U.S. cybersecurity defense official, Jen Easterly, deemed the flaw "one of the most serious I've seen in my entire career, if not the most serious": - Woodyard, Chris. ["'Critical vulnerability': Smaller firms may find it harder to stop hackers from exploiting Log4j flaw"](https://www.usatoday.com/story/money/business/2021/12/16/log-4-j-vulnerability-small-business/8910567002/). *[USA Today](/source/USA_Today)*. Retrieved 2021-12-17. - ["Expert discusses what you need to know about 'most serious' security breach ever"](https://abc7news.com/log4j-kronos-ransomware-attack-hack-cyberattack/11362714/). *ABC7 San Francisco*. Associated Press. 20 December 2021. - ["Chinese and Iranian hackers exploit Log4j computer flaw, affecting hundreds of millions"](https://www.foxnews.com/tech/chinese-iranian-hackers-exploit-log4j-computer-flaw). Associated Press. 15 December 2021. - Starks, Tim (13 December 2021). ["CISA warns 'most serious' Log4j vulnerability likely to affect hundreds of millions of devices"](https://www.cyberscoop.com/log4j-cisa-easterly-most-serious/). *CyberScoop*.

1. **[^](#cite_ref-202)** * Goodin, Dan (2021-12-13). ["As Log4Shell wreaks havoc, payroll service reports ransomware attack"](https://arstechnica.com/information-technology/2021/12/as-log4shell-wreaks-havoc-payroll-service-reports-ransomware-attack/). *[Ars Technica](/source/Ars_Technica)*. Retrieved 2021-12-17. arguably the most severe vulnerability ever - Barrett, Brian. ["The Next Wave of Log4J Attacks Will Be Brutal"](https://www.wired.com/story/log4j-log4shell-vulnerability-ransomware-second-wave/). *[Wired](/source/Wired_(magazine))*. [ISSN](/source/ISSN_(identifier)) [1059-1028](https://search.worldcat.org/issn/1059-1028). Retrieved 2021-12-17. - Hunter, Tatum; de Vynck, Gerrit (20 December 2021). ["The 'most serious' security breach ever is unfolding right now. Here's what you need to know"](https://www.washingtonpost.com/technology/2021/12/20/log4j-hack-vulnerability-java/). *[The Washington Post](/source/The_Washington_Post)*.

1. **[^](#cite_ref-203)** Rudis, boB (10 December 2021). ["Widespread Exploitation of Critical Remote Code Execution in Apache Log4j | Rapid7 Blog"](https://www.rapid7.com/blog/post/2021/12/10/widespread-exploitation-of-critical-remote-code-execution-in-apache-log4j/). *Rapid7*.

1. **[^](#cite_ref-204)** ["Restrict LDAP access via JNDI by rgoers #608"](https://github.com/apache/logging-log4j2/pull/608). *Log4j*. 5 December 2021. Retrieved 12 December 2021 – via [GitHub](/source/GitHub).

1. **[^](#cite_ref-205)** tweakers (2022-02-14). ["Hackersclub CCC vindt 6,4 miljoen persoonsgegevens via vijftigtal datalekken"](https://tweakers.net/nieuws/193238/hackersclub-ccc-vindt-6-komma-4-miljoen-persoonsgegevens-via-vijftigtal-datalekken.html) (in Dutch). Retrieved 2022-02-17.

1. **[^](#cite_ref-206)** Chaos Computer Club (2022-02-14). ["Chaos Computer Club meldet 6,4 Millionen Datensätze in über 50 Leaks"](https://www.ccc.de/de/updates/2022/web-patrouille-ccc) (in German). Retrieved 2022-02-17.

1. **[^](#cite_ref-207)** ["Anonymous hacks Russian federal agency, releases 360,000 documents"](https://www.jpost.com/breaking-news/article-700940). *The Jerusalem Post | Jpost.com*. Retrieved 6 April 2022.

1. **[^](#cite_ref-:42_208-0)** Sigalos, MacKenzie (2022-03-29). ["Crypto hackers steal over $615 million from network that runs popular game Axie Infinity"](https://www.cnbc.com/2022/03/29/hackers-steal-over-615-million-from-network-running-axie-infinity.html). *CNBC*. Retrieved 2022-03-30.

1. **[^](#cite_ref-:5_209-0)** Takahashi, Dean (2022-03-29). ["Hackers steal $620M in Ethereum and dollars from Axie Infinity maker Sky Mavis' Ronin network"](https://venturebeat.com/2022/03/29/hackers-steal-620m-in-ethereum-and-dollars-in-axie-infinity-maker-sky-mavis-ronin-network/). *VentureBeat*. Retrieved 2022-03-30.

1. **[^](#cite_ref-:62_210-0)** Hollerith, David (30 March 2022). ["Hackers steal $615 million in crypto from Axie Infinity's Ronin Network"](https://finance.yahoo.com/news/hackers-steal-615-million-in-crypto-194522160.html). *Yahoo Finance*. Retrieved 30 March 2022.

1. ^ [***a***](#cite_ref-:7_211-0) [***b***](#cite_ref-:7_211-1) Kharif, Olga (March 29, 2022). ["Hackers Steal About $600 Million in One of the Biggest Crypto Heists"](https://www.bloomberg.com/news/articles/2022-03-29/hackers-steal-590-million-from-ronin-in-latest-bridge-attack). *Bloomberg News*. Retrieved 2022-09-23.

1. **[^](#cite_ref-212)** Tsihitas, Theo (2022-03-29). ["Worldwide cryptocurrency heists tracker (updated daily)"](https://www.comparitech.com/crypto/biggest-cryptocurrency-heists/). *Comparitech.com*. Comparitech Limited. Retrieved 2022-03-31.

1. **[^](#cite_ref-vice_213-0)** Ongweso Jr., Edward (2022-04-04). ["The Metaverse Has Bosses Too. Meet the 'Managers' of Axie Infinity"](https://www.vice.com/en/article/the-metaverse-has-bosses-too-meet-the-managers-of-axie-infinity/). *Vice Motherboard*. Retrieved 2022-06-06.

1. **[^](#cite_ref-214)** Servando, Kristine (8 April 2022). ["Axie Owner Says Recovering Stolen Crypto Could Take Two Years"](https://www.bloomberg.com/news/articles/2022-04-08/axie-owner-says-recovering-stolen-crypto-could-take-two-years). *Bloomberg.com*. Retrieved 17 April 2022.

1. **[^](#cite_ref-215)** Kharif, Olga (2022-06-23). ["Axie-Infinity Developer to Reimburse Hack Victims, Restart Ronin"](https://www.bloomberg.com/news/articles/2022-06-23/axie-infinity-developer-to-reimburse-hack-victims-restart-ronin). *Bloomberg News*. Retrieved 2022-09-24.

1. **[^](#cite_ref-216)** ["North Korean hackers target gamers in $615m crypto heist - US"](https://www.bbc.com/news/world-asia-61036733). *BBC News*. 2022-04-15. Retrieved 2022-04-15.

1. ^ [***a***](#cite_ref-novak_217-0) [***b***](#cite_ref-novak_217-1) Novak, Matt (15 April 2022). ["FBI Says North Korea Behind Biggest Crypto Theft in History Against Axie Infinity"](https://gizmodo.com/fbi-says-north-korea-behind-biggest-crypto-theft-in-his-1848797691). *Gizmodo*. Retrieved 17 April 2022.

1. **[^](#cite_ref-gach_218-0)** Gach, Ethan (16 April 2022). ["Crypto Gaming 'Landlords' Upset They Can't Keep Exploiting All The Players Quitting"](https://kotaku.com/axie-infinity-nft-crypto-hack-landlord-scholar-pokemon-1848800557). *Kotaku*. Retrieved 17 April 2022.

1. **[^](#cite_ref-219)** ["North Korea's Lazarus Group moves funds through Tornado Cash | TRM Insights"](https://www.trmlabs.com/post/north-koreas-lazarus-group-moves-funds-through-tornado-cash). *www.trmlabs.com*. Retrieved 2022-07-17.

1. **[^](#cite_ref-220)** ["Anonymous Hits 3 Russian Entities, Leaks 400 GB Worth of Emails"](https://www.hackread.com/anonymous-hits-russian-entities-leaks-400-gb-emails/). 12 April 2022. Retrieved 12 April 2022.

1. **[^](#cite_ref-221)** ["Anonymous Hits Russian Ministry of Culture- Leaks 446GB of Data"](https://www.hackread.com/anonymous-hits-russian-ministry-of-culture-leaks-446gb-of-data/). 12 April 2022. Retrieved 13 April 2022.

1. **[^](#cite_ref-222)** ["Gijón City Council (Spain) was attacked by GERVASIA"](https://www.elcomercio.es/gijon/hackean-red-informatica-ayuntamiento-gijon-20220419103023-nt.html/). 19 April 2022. Retrieved 19 April 2022.

1. **[^](#cite_ref-223)** ["Anonymous NB65 Claims Hack on Russian Payment Processor Qiwi"](https://www.hackread.com/anonymous-nb65-hacki-russia-payment-processor-qiwi/). 9 May 2022. Retrieved 9 May 2022.

1. **[^](#cite_ref-224)** Jankowicz, Mia. ["Hackers replaced Russian TV schedules during Putin's 'Victory Day' parade with anti-war messages, saying the blood of Ukrainians is on Russians' hands"](https://www.businessinsider.com/russia-victory-day-tv-broadcasts-hacked-anti-war-messages-2022-5). *Business Insider*. Retrieved 9 May 2022.

1. **[^](#cite_ref-225)** ["Hacker claims to have obtained data on 1 billion Chinese citizens"](https://www.theguardian.com/technology/2022/jul/04/hacker-claims-access-data-billion-chinese-citizens). *the Guardian*. 2022-07-04. Retrieved 2022-07-09.

1. **[^](#cite_ref-226)** ["Russians warned of nuclear attack after hackers break in to country's TV service"](https://news.yahoo.com/russians-warned-nuclear-attack-hackers-203332617.html). *Yahoo News*. Retrieved 24 March 2023.

1. **[^](#cite_ref-227)** ["Israel-Palestine conflict: How Indian hackers sunk their cyber fangs into Hamas, Palestinian national bank"](https://www.dnaindia.com/india/report-israel-palestine-conflict-how-indian-hackers-sunk-their-cyber-fangs-into-hamas-palestinian-national-bank-3063682). *DNA India*. 9 October 2023. [Archived](https://web.archive.org/web/20240105230440/https://www.dnaindia.com/india/report-israel-palestine-conflict-how-indian-hackers-sunk-their-cyber-fangs-into-hamas-palestinian-national-bank-3063682) from the original on 5 January 2024. Retrieved 2024-07-19.

1. **[^](#cite_ref-228)** Shankar, Siddharth (2023-10-08). ["Israel-Palestine Conflict: As 'Islamic' Hackers Continue Targeting Israel, Indian Hackers Take Down Official Hamas Website"](https://www.timesnownews.com/technology-science/israel-palestine-cyber-warfare-indian-hackers-hamas-website-takedown-article-104259001). *Times Now*. [Archived](https://web.archive.org/web/20240110222308/https://www.timesnownews.com/technology-science/israel-palestine-cyber-warfare-indian-hackers-hamas-website-takedown-article-104259001) from the original on 10 January 2024. Retrieved 2024-07-19.

1. **[^](#cite_ref-229)** ["Israel-Hamas War: 'Indian Cyber Force' Claims It Hacked Palestinian Websites After Targeting Canada"](https://www.hindustantimes.com/videos/world-news/israelhamas-war-indian-cyber-force-claims-it-hacked-palestinian-websites-after-targeting-canada-101696939146619.html). *Hindustan Times*. 2023-10-10. [Archived](https://web.archive.org/web/20240110131434/https://www.hindustantimes.com/videos/world-news/israelhamas-war-indian-cyber-force-claims-it-hacked-palestinian-websites-after-targeting-canada-101696939146619.html) from the original on 10 January 2024. Retrieved 2024-07-19.

1. **[^](#cite_ref-230)** ["Australia Cyberattack Leaves 30,000 Containers Stuck at Ports"](https://www.bloomberg.com/news/articles/2023-11-12/australian-port-operations-slowly-resume-after-cyberattack-on-dp). *Bloomberg.com*. 2023-11-12. Retrieved 2023-11-13.

1. **[^](#cite_ref-231)** AAP (2023-11-12). ["DP World cyber hack: 40% of Australia's international freight affected"](https://www.smartcompany.com.au/technology/cyber-security/dp-world-cyber-hack-40-australia-international-freight-affected/). *SmartCompany*. Retrieved 2023-11-13.

1. **[^](#cite_ref-232)** [*DP World Confirms Data Breach In Cyber-Attack That Delayed Australian Ports | 10 News First*](https://www.youtube.com/watch?v=XC74Bx32jHI), 13 November 2023, retrieved 2023-11-13

1. **[^](#cite_ref-233)** ["Maldives' Home Ministry website hacked over 'anti-India actions': Report"](https://www.businesstoday.in/india/story/maldives-home-ministry-website-hacked-over-anti-india-actions-report-418856-2024-02-25). *Business Today*. 2024-02-25. [Archived](https://web.archive.org/web/20240317041633/https://www.businesstoday.in/india/story/maldives-home-ministry-website-hacked-over-anti-india-actions-report-418856-2024-02-25) from the original on 17 March 2024. Retrieved 2024-07-19.

1. **[^](#cite_ref-234)** ["Hackers Targeted Maldives' Pro-China President? Suspicion After Website Goes Down Amid India Tussle"](https://www.hindustantimes.com/videos/world-news/hackers-targeted-maldives-pro-china-president-suspicion-after-website-goes-down-amid-india-tussle-101704627501703.html). *Hindustan Times*. 7 January 2024. p. 1. [Archived](https://web.archive.org/web/20240229024802/https://www.hindustantimes.com/videos/world-news/hackers-targeted-maldives-pro-china-president-suspicion-after-website-goes-down-amid-india-tussle-101704627501703.html) from the original on 29 February 2024.

1. **[^](#cite_ref-235)** Hindustan Times (2024-01-07). [*Hackers Target Maldives' Pro-China President? Suspicion After Website Goes Down Amid India Tussle*](https://www.youtube.com/watch?v=gL7yj8iJ7FM). Retrieved 2024-07-19 – via YouTube.

1. **[^](#cite_ref-236)** Khaitan, Ashish (2024-01-08). ["Cyberattack On Maldives Government: Websites Restored"](https://thecyberexpress.com/cyberattack-on-maldives-government/). *The Cyber Express*. [Archived](https://web.archive.org/web/20240108073007/https://thecyberexpress.com/cyberattack-on-maldives-government/) from the original on 8 January 2024. Retrieved 2024-07-19.

1. **[^](#cite_ref-237)** Jain, Samiksha (2024-01-10). ["Maldivian Juvenile Court Website Hacked In Amid India Spat"](https://thecyberexpress.com/maldivian-juvenile-court-website-hacked/). *The Cyber Express*. [Archived](https://web.archive.org/web/20240207001558/https://thecyberexpress.com/maldivian-juvenile-court-website-hacked/) from the original on 7 February 2024. Retrieved 2024-07-19.

1. **[^](#cite_ref-238)** ["Pakistani hackers deface Burger Singh website; read hackers' message and the company's response"](https://timesofindia.indiatimes.com/gadgets-news/pakistani-hackers-deface-burger-singh-website-read-hackers-message-and-companys-response/articleshow/108068183.cms). *The Times of India*. 29 February 2024. Retrieved 21 March 2024.

1. **[^](#cite_ref-239)** Siddiqui, Zeba (27 June 2024). ["Microsoft informs customers that Russian hackers spied on emails"](https://www.reuters.com/technology/cybersecurity/microsoft-tells-clients-russian-hackers-viewed-emails-bloomberg-news-reports-2024-06-27/). *Reuters*. Retrieved 1 July 2024.

1. **[^](#cite_ref-bitdefender-foreign-state-suspected-in-theft-of-police-officers-data_240-0)** Constantinescu, Vlad (2024-10-08). ["Foreign State Suspected in Theft of Dutch Police Officers' Data"](https://www.bitdefender.com/en-us/blog/hotforsecurity/foreign-state-suspected-in-theft-of-dutch-police-officers-data/). *[Bitdefender](/source/Bitdefender)*. Retrieved 2024-10-17.

1. **[^](#cite_ref-241)** Silberling, Lorenzo Franceschi-Bicchierai, Amanda (2025-04-15). ["Notorious image board 4chan hacked and internal data leaked"](https://techcrunch.com/2025/04/15/notorious-image-board-4chan-hacked-and-internal-data-leaked/). *TechCrunch*. Retrieved 2025-04-17.{{[cite web](https://en.wikipedia.org/wiki/Template:Cite_web)}}: CS1 maint: multiple names: authors list ([link](https://en.wikipedia.org/wiki/Category:CS1_maint:_multiple_names:_authors_list))

1. **[^](#cite_ref-242)** Dellinger, A. J. (2025-04-15). ["Internet Cesspool 4chan Is Down After Alleged Hack, Rival Forum Users Claim Credit"](https://gizmodo.com/internet-cesspool-4chan-is-down-after-alleged-hack-rival-forum-users-claim-credit-2000589582). *Gizmodo*. Retrieved 2025-04-17.

1. **[^](#cite_ref-243)** ["4chan, internet's 'most notorious website', is likely dead"](https://www.firstpost.com/tech/4chan-internets-most-notorious-website-is-likely-dead-13880817.html). *Firstpost*. 2025-04-17. Retrieved 2025-04-17.

1. **[^](#cite_ref-244)** Deb, Kushal (2025-06-19). ["Israeli hackers breach Iranian TV, urging Iranians to rise up in protest"](https://www.wionews.com/world/israeli-hackers-breach-iranian-tv-urging-iranians-to-rise-up-in-protest-1750304429134). *[WION](/source/WION)*. [Archived](https://web.archive.org/web/20250622145240/https://www.wionews.com/world/israeli-hackers-breach-iranian-tv-urging-iranians-to-rise-up-in-protest-1750304429134) from the original on 2025-06-22. Retrieved 2025-06-26.

1. **[^](#cite_ref-245)** ["Iranian TV hacked, protest footage aired; Israel blamed for cyber offensive"](https://www.i24news.tv/en/news/israel/defense/artc-iranian-tv-hacked-protest-footage-aired-israel-blamed-for-cyber-offensive). *[i24NEWS](/source/I24NEWS)*. 2025-06-19. [Archived](https://web.archive.org/web/20250620162746/https://www.i24news.tv/en/news/israel/defense/artc-iranian-tv-hacked-protest-footage-aired-israel-blamed-for-cyber-offensive) from the original on 2025-06-20. Retrieved 2025-06-26.

1. **[^](#cite_ref-246)** Zemler, Emily (2025-07-14). ["Hacked Elmo X Account Shares Antisemitic Posts, Calls Trump Netanyahu's 'Puppet'"](https://www.rollingstone.com/tv-movies/tv-movie-news/elmo-hacked-x-account-antisemitic-posts-1235384684/). *Rolling Stone*. Retrieved 2025-07-14.

## Further reading

- Lundell, Allan (1989). [*Virus! The secret world of computer invaders that breed and destroy*](https://archive.org/details/virussecretworld0000lund). Wayne A. Yacco. [ISBN](/source/ISBN_(identifier)) [0-8092-4437-3](https://en.wikipedia.org/wiki/Special:BookSources/0-8092-4437-3).

- Landreth, Bill (1985). *Out of the Inner Circle*. Tempus Books of Microsoft Press. [ISBN](/source/ISBN_(identifier)) [1-55615-223-X](https://en.wikipedia.org/wiki/Special:BookSources/1-55615-223-X).

- Bowcott, Owen; Hamilton, Sally (1990). *Beating the System: Hackers, phreakers and electronic spies*. Bloomsbury. [ISBN](/source/ISBN_(identifier)) [0-7475-0513-6](https://en.wikipedia.org/wiki/Special:BookSources/0-7475-0513-6).

- Fites, Philip; Johnston, Peter; Kratz, Martin (1989). [*The computer virus crisis*](https://archive.org/details/computerviruscri00fite). Van Nostrand Reinhold. [ISBN](/source/ISBN_(identifier)) [0-442-28532-9](https://en.wikipedia.org/wiki/Special:BookSources/0-442-28532-9).

- Sterling, Bruce (1992). *The Hacker Crackdown: Law and disorder on the electronic frontier*. Penguin. [ISBN](/source/ISBN_(identifier)) [0-14-017734-5](https://en.wikipedia.org/wiki/Special:BookSources/0-14-017734-5).

- Gold, Steve (1989). *Hugo Cornwall's New Hacker's Handbook*. London: Century Hutchinson Ltd. [ISBN](/source/ISBN_(identifier)) [0-7126-3454-1](https://en.wikipedia.org/wiki/Special:BookSources/0-7126-3454-1).

---
Adapted from the Wikipedia article [List of security hacking incidents](https://en.wikipedia.org/wiki/List_of_security_hacking_incidents) by Wikipedia contributors ([contributor history](https://en.wikipedia.org/wiki/List_of_security_hacking_incidents?action=history)). Available under [Creative Commons Attribution-ShareAlike 4.0 International](https://creativecommons.org/licenses/by-sa/4.0/). Changes may have been made.
