Sat in my Christmas jumper eating a mince pie and listening to my Christmas playlist, my Christmas spirit is palpable. However, even the sheer size of my excitement for Christmas isn’t enough to stop me keeping an eye on the developments on Sony cyber attack or, in fact, all cyber crime news.
Several articles have been posted on the IT Governance blogs in the past few weeks detailing cyber criminals and their increased activity during the Christmas period. Our expectations were correct: December has been a terrible month for cyber security.
Rather than posting my usual ‘list of breaches and cyber attacks this month’ article, I’ve decided to look back on some of the more prominent hacks and data breaches of 2014.
Please note: The following list is only a snapshot of 2014’s events and shouldn’t be considered a definitive list. For even more hacks and breaches, please click the desired month and you’ll be directed to our monthly summary.
1 January, 2014 – 1.1 MILLION customers’ credit card data was swiped in Neiman Marcus breach
20 January, 2014 – Credit Card Details of 20 Million South Koreans Stolen
21 January, 2014 – Microsoft blog hacked by Syrian Electronic Army
24 January, 2014 – CNN website, Twitter and Facebook hijacked by Syrian Electronic Army
25 January, 2014 – Michaels Stores confirms payment card information compromised in breach
5 February, 2014 – Texas health system attacked, data on more than 400K compromised
14 February, 2014 – Forbes.com Hacked by Syrian Electronic Army Because of “Hate for Syria”
16 February, 2014 – Kickstarter hacked: Passwords, phone numbers, and phone numbers stolen
24 February, 2014 – YouTube ads spread banking malware
25 February, 2014 – Mt. Gox exchange goes dark as allegations of $350 million hack swirl
10 March, 2014 – Hackers steal 12 million customer records from South Korean phone giant
14 March, 2014 – Credit Card Breach at California DMV
17 March, 2014 – Morrisons employee arrested following data breach involving details of 100k staff
20 March, 2014 – EA Games website hacked to phish Apple IDs from users
28 March, 2014 – Malware in 34 Spec’s stores, payment data compromised for 550K
7 April, 2014 – Germany suffers biggest ever data breach in its history
8 April, 2014 – The Heartbleed bug: serious vulnerability found in OpenSSL cryptographic software library
15 April, 2014 – German space centre endures cyber attack
15 April, 2014 – Welsh Councils break DPA 2.5 times a week
22 April, 2014 – Iowa State server breach exposes SSNs of nearly 30,000
29 April, 2014 – Security breach at AOL. Users told to change passwords
8 May, 2014 – Orange Suffers Data Breach Again, 1.3 Million Affected
9 May, 2014 – WooThemes users notified of payment card breach, 300 reports of fraud
21 May, 2014 – eBay Suffers Cyber Attack, Users Asked to Change Passwords
27 May, 2014 – Avast Suffers Cyber Attack; 400,000 users affected
14 June, 2014 – P.F. Chang’s Confirms Credit Card Breach
17 June, 2014 – Hackers Takeaway Domino’s Pizza Customer Data; More Puns Inside
19 June, 2014 – Hacker puts Code Spaces out of business
19 June, 2014 – Sun and Sunday Times Websites Hacked by the Syrian Electronic Army
22 June, 2014 – British Gas Help Twitter account hacked, customers pointed towards phishing sites
23 June, 2014 – ‘Most sophisticated DDoS’ ever strikes Hong Kong democracy poll
25 June, 2014 – European Bank Hit by Cyber Attack; £400,000 stolen
1 July, 2014 – Energy Firms Hacked by Cyber Espionage Group ‘Dragonfly’
4 July, 2014 – $3.75 Billion Brazilian Boleto Malware Attack
8 July, 2014 – HotelHippo.com Closes after Data Leak
15 July, 2014 – CNET Hacked, One Million Users’ Data Stolen
16 July, 2014 – Information Commissioner’s Office Suffers Data Security Breach
23 July, 2014 – eBay has suffered a security breach for the second time this year
31 July, 2014 – Gizmodo Brazil hacked, fake Adobe Flash download opens backdoor
31 July, 2014 – Massive Paddy Power hack: nearly 650,000 customers’ records stolen
5 August, 2014 – Goodwill and FBI Investigate Possible Security Breach
15 August, 2014 – Supervalu supermarket chain begin investigating possible data breach
19 August, 2014 – US Cyber Crime Goes Nuclear: NRC Computers Hacked THREE Times
21 August, 2014 – Over 50 UPS franchises hit by data breach
27 August, 2014 – Norwegian oil industry under attack by hackers
27 August, 2014 – Records of 25,000 Homeland Security Employees Stolen in Cyber Attack
28 August, 2014 – FBI Probes Possible Hacking Incident at J.P. Morgan
4 September, 2014 – Home Depot suffers breach that may be larger than Target’s
5 September, 2014 – 800k Payment Cards Compromised in Goodwill Industries Breach
5 September, 2014 – ObamaCare Website Hacked
18 September, 2014 – Home Depot: 56M Cards Impacted, Malware Contained
23 September, 2014 – 880,000 Affected by Viator Payment Card Breach
25 September, 2015 – Payment card data stolen in Jimmy John’s data breach
29 September, 2014 – Hundreds of US Stores Affected as POS Provider is Hacked
30 September, 2014 – SuperValu compromised again – for the second time in three months
3 October, 2014 – JPMorgan suffers data breach affecting 76 million customers
10 October, 2014 – Dairy Queen data breach hits 395 stores
14 October, 2014 – ‘Big K’ raided by hackers: Kmart warns customers after malware discovered
21 October, 2014 – Staples stores investigated: suspected payment card breach
23 October, 2014 – POODLE attack digs up downgrade flaw in TLS
29 October, 2014 – White House unclassified network hacked
7 November, 2014 – Home Depot admits 53 million email addresses stolen in data breach
13 November, 2014 – Data breach affects 2.7 million HSBC Turkey cardholders
17 November, 2014 – US State Department network shut amid reports of cyber breach
18 November, 2014 – Staples confirms POS malware attack
25 November, 2014 – Sony Pictures Entertainment hacked
27 November, 2014 – Syrian Electronic Army attack on Gigya affects Telegraph, Independent, Evening Standard…
December
4 December, 2014 – Possible credit card breach at Bebe Stores
11 December, 2014 – Union Station parking lot suffers suspected data breach
11 December, 2014 – Electronic payment company CHARGE Anywhere suffers five-year breach
15 December, 2014 – Personal information leaked in University of California, Berkeley, data breach
19 December, 2014 – KeyPoint cyber attack compromises 48,000 federal employees
22 December, 2014 – Staples confirm details of six-month breach, 1.16 million cards affected
Share now…
Dear Lewis, Thanks for compiling and sharing these incidents.
Hope this help bring in more wisdom!
Lewis, I too want to thank you for compiling and sharing these incidents. I was tracking the same items but trying to tie specific malware to each breach. i’m wondering if you have the specific malware tied to each attack or not.
Thanks Tony. Unfortunately, no, I don’t have the malware data.
Thanks for sharing. Great overview.
So does anyone have a clue if any of these organizations were ISO 27000 certified?
Thanks Lewis, for taking the time to put this list together.