Incidents - The Cyber Security Incident Database (CSIDB)

Advanced Search
Jan 1994	M1-Sporttechnik	Germany	The provided article describes M1-Sporttechnik as a bicycle manufacturer specializing in carbon e-bikes, highlighting its history of innovation since its founding and its active social media presence across platforms like Facebook and Instagram. No cybersecurity incident details are mentioned in the source material—the content focuses exclusively on promotional information about the company's products, community engagement, and website cookie usage. The article contains no references to data breaches, system compromises, or malicious activity affecting the organization or its customers.
Jan 1995	Radiohead	United Kingdom	A cyberattack targeted unreleased music sessions from an alternative rock band's archived mini discs, with hackers demanding a ransom to prevent public release. The group refused payment and instead independently published the stolen 18 hours of material under the title MINIDISCS [HACKED], making it available for purchase with all proceeds directed to an environmental activism organization. The compromised content consisted of recordings not originally intended for public distribution. By proactively releasing the material, the band neutralized the attackers' leverage while converting the incident into a charitable initiative supporting ecological causes.
Sep 1996	MediaQMI Inc.	Canada	Canoe.ca experienced a data breach compromising personal information of approximately one million users, including names, email and mailing addresses, and phone numbers collected through site interactions such as contests and forums. The company confirmed no financial data was affected, initiated an investigation with security experts, notified law enforcement and privacy authorities, and established a dedicated contact line for impacted individuals.
Jan 2000	Porsche Japan	Japan	Porsche Japan experienced a data breach compromising customer information through unauthorized access, exposing over 28,000 email addresses primarily linked to online brochure requests. Potentially affected data included names, physical addresses, telephone numbers, and income details stored during customer interactions. The incident involved historical records of consumer engagements, resulting in significant exposure of personal identifiers and sensitive financial attributes.
Dec 2004	Israeli Government	Israel	A sophisticated cyber espionage campaign, attributed to Iranian actors and named Infy, targeted Israeli entities and a U.S. government organization through spear phishing emails containing malicious documents. The malware, delivered via compromised Israeli email accounts, employed evasion techniques such as delayed activation until system reboot, then harvested sensitive data including keystrokes, browser credentials, and cookies for exfiltration to command-and-control infrastructure. The operation demonstrated sustained refinement over years, incorporating regional targeting tactics and adapting to new technologies like the Microsoft Edge browser. Evidence from infrastructure analysis, including domain naming patterns and server locations, pointed to Iranian involvement, with the campaign focusing on governmental, commercial, and even domestic targets for intelligence collection while maintaining a low profile to avoid detection.
Jan 2006	Lawrence Berkeley National Laboratory	United States of America	Two Chinese nationals associated with the APT10 hacking group, operating in conjunction with China's Ministry of State Security, conducted a global cyber espionage campaign targeting intellectual property and confidential business data. The group compromised managed service providers to access client networks and infiltrated technology companies and government agencies, stealing sensitive information across sectors including aviation, healthcare, biotechnology, telecommunications, and energy. Their operations involved unauthorized access to hundreds of gigabytes of proprietary data, leveraging stolen credentials and infrastructure to sustain intrusions over multiple years. The campaign impacted numerous U.S. entities through coordinated theft of technological and commercial secrets.
Jan 2006	Goddard Space Flight Center	China	Chinese state-sponsored hackers associated with the APT10 group infiltrated a U.S. space research center and numerous technology firms through sustained cyber espionage campaigns. Operating under China's Ministry of State Security, the attackers compromised managed service providers to access sensitive networks, stealing intellectual property and confidential data across critical sectors including satellite technology, aviation, healthcare, and energy. The breach at the NASA facility formed part of broader operations targeting over 45 companies and government agencies, resulting in the theft of hundreds of gigabytes of proprietary information spanning industrial automation, telecommunications, and biotechnology over more than a decade.
Jan 2006	NASA Jet Propulsion Laboratory	United States of America	Chinese state-sponsored hackers associated with the APT10 group conducted a decade-long cyber espionage campaign targeting managed service providers, technology firms, and government entities to steal intellectual property and sensitive business data. The attackers compromised IT infrastructure to access victim networks globally, exfiltrating hundreds of gigabytes of proprietary information across diverse sectors including aviation, satellite technology, healthcare, telecommunications, and energy exploration. The operation involved leveraging MSP access to infiltrate client systems and systematically harvest confidential technological and commercial data.
Jan 2008	Bank of North Dakota	United States of America	Hackers affiliated with @TheFamilyMethod, operating under the alias @hackinyolife ("Fear"), publicly claimed responsibility for compromising the Bank of North Dakota and released transaction logs containing 124 records. The exposed data included cardholder postal addresses, payment card types, the last four digits of card numbers, transaction authorization codes, and merchant details, though consumer names were not present in the logs. The financial institution did not respond to inquiries from a cybersecurity outlet seeking confirmation of the breach's authenticity after being notified of the data disclosure.


Mar 2008	Yale University	United States of America	Yale University disclosed a past data breach impacting approximately 119,000 individuals, including members, alumni, faculty, and staff, stemming from unauthorized access to a database over a decade ago. Compromised information included names, Social Security numbers, and dates of birth for most victims, with some also experiencing exposure of email and physical addresses; no financial data was accessed. The intrusion remained undetected until a recent server review, despite prior database maintenance activities that deleted personal information without uncovering the breach.
Jan 2009	The Boeing Company	United States of America	A Chinese businessman collaborating with unidentified individuals in China orchestrated cyber intrusions targeting Boeing and other aerospace firms, stealing sensitive military aircraft data including details on fighter jets and cargo planes to advance Chinese aviation capabilities. The defendant, arrested in cooperation with international law enforcement, allegedly facilitated the theft to enable technological gains, as evidenced by communications stating the intent to rapidly catch up with US defense industry standards.
Jan 2009	Lockheed Martin	United States of America	A Chinese aerospace executive was charged with conspiring to hack major US defense contractors, including Lockheed Martin, to steal sensitive military aircraft data such as designs for the F-22, F-35, and C-17 programs. Working with China-based hackers, the individual facilitated unauthorized access to corporate networks over several years, intending to transfer proprietary information to benefit Chinese aviation development. The suspect was arrested overseas through international law enforcement cooperation and allegedly described the stolen data as enabling China to rapidly advance its aerospace capabilities by building upon US technology.
Oct 2009	University of Alabama	United States of America	The University of Alabama disclosed a historical unauthorized access incident involving a server at its Brewer-Porch Children’s Center, discovered during preparations to decommission outdated equipment. The breach exposed personal and medical information of former clients, alongside Social Security numbers and employment-related data of employees and medical providers associated with the center over a multi-year period. Approximately 1,400 individuals were impacted, with foreign-origin login activity identified as the intrusion vector. The institution provided notifications to affected parties in compliance with regulatory obligations.
Jan 2010	Dimension Data	China	A group of Chinese state-sponsored hackers known as APT10 conducted a prolonged cyber espionage campaign targeting multiple global technology service providers, including Dimension Data, by compromising their cloud infrastructure to access client networks. The attackers exploited vulnerabilities in outsourced IT services to steal sensitive corporate and government data, aiming to advance Chinese economic interests. Despite security efforts and a diplomatic agreement against economic espionage, the hackers persisted, leveraging compromised providers as launchpads for further intrusions. The incident revealed systemic challenges in cloud security and information sharing, as service providers often withheld breach details from affected clients due to legal and reputational concerns, potentially leaving many victims unaware of compromises.
Jan 2010	APT17	China	APT17, a cyber-espionage group linked to China's Ministry of State Security via its Jinan bureau, was exposed by Intrusion Truth, an anonymous cybersecurity collective. The group identified three individuals operating as contractors for the ministry, alleging they conducted on-demand hacking operations from Jinan. This revelation followed Intrusion Truth's prior successful doxing of Chinese state-linked APT groups APT3 and APT10, which led to U.S. Department of Justice indictments. The exposure reinforced established patterns of Chinese state-sponsored cyber operations, though Chinese hacking activities reportedly continued despite previous indictments and naming efforts.
Jan 2010	Computer Sciences Corporation	China	A Chinese state-linked hacking group, APT10, conducted a prolonged cyber espionage campaign targeting multiple technology service providers and their clients through compromised cloud computing infrastructures. The attackers exploited vendor networks, including Hewlett Packard Enterprise, to steal corporate and government secrets, aiming to advance Chinese economic interests. Despite detection efforts and a diplomatic agreement against economic espionage, the campaign persisted, hindered by service providers withholding breach details due to liability and reputational concerns. This lack of transparency left many victims unaware of compromises, underscoring systemic vulnerabilities in cloud security and challenges in coordinated cyber defense.
Jan 2010	Ericsson	China	A Swedish telecoms equipment giant was repeatedly targeted by suspected Chinese state-sponsored hackers over multiple years, compromising its systems through a breached IT service provider's cloud platform. The attackers, linked to China's Ministry of State Security and identified as APT10, exploited cloud service vulnerabilities to steal corporate and government secrets, persisting despite security countermeasures and international agreements against economic espionage. The incident exposed systemic challenges as service providers withheld critical breach details from affected clients, hampering response efforts and leaving many victims unaware of compromises. This campaign underscored inherent security risks in outsourced cloud computing models while demonstrating advanced threat actors' ability to maintain prolonged access for intellectual property theft.
Jan 2010	Ant Group	China	A former Alipay employee and two accomplices were apprehended for stealing and selling customer data, including phone numbers, addresses, email accounts, and transaction records, to e-commerce companies seeking advertising targets. The payment platform detected the unauthorized activity during internal audits and reported it to law enforcement, leading to the suspects' custody. The stolen information, totaling approximately 20 gigabytes, was extracted from internal systems over multiple years, though sensitive financial details like encrypted bank card numbers and payment passwords remained secure. The incident highlighted broader concerns about personal data trafficking, with authorities noting similar patterns in other cases involving criminal networks exploiting stolen information for fraudulent transactions.
Jan 2010	Hewlett Packard Enterprise	China	Hewlett Packard Enterprise's cloud computing services were compromised by suspected Chinese state-sponsored hackers linked to the Ministry of State Security, enabling attackers to use the company as a launchpad for infiltrating customer networks. The campaign, known as Cloud Hopper and attributed to group APT10, targeted multiple technology firms and government entities to steal corporate secrets for economic espionage purposes. Despite security countermeasures and international agreements against cyber-enabled industrial spying, the attackers persistently exploited cloud service vulnerabilities over several years. The incident revealed systemic challenges in threat response, as service providers reportedly withheld critical breach information from affected clients, potentially limiting damage assessments and remediation efforts while exposing broader risks in outsourced IT infrastructure.
Jan 2010	Nuclear Regulatory Commission	United States of America	The Nuclear Regulatory Commission experienced multiple cyber intrusions involving credential harvesting through phishing emails that directed employees to malicious cloud-based documents, resulting in compromised systems and unauthorized access. Attackers employed spearphishing with malware-laden links and exploited a personal email account to distribute malicious PDF attachments, leading to further infections. Investigations traced some activities to foreign entities, though specific nations were unidentified, with experts suggesting potential nation-state involvement due to the sensitive nature of the agency's oversight of nuclear infrastructure. The breaches prompted system clean-ups, profile resets, and enhanced employee training, while the commission emphasized its existing security measures mitigated most attack attempts.
Advanced Search

Jan 1994

Germany

The provided article describes M1-Sporttechnik as a bicycle manufacturer specializing in carbon e-bikes, highlighting its history of innovation since its founding and its active social media presence across platforms like Facebook and Instagram. No cybersecurity incident details are mentioned in the source material—the content focuses exclusively on promotional information about the company's products, community engagement, and website cookie usage. The article contains no references to data breaches, system compromises, or malicious activity affecting the organization or its customers.

Jan 1995

Radiohead

United Kingdom

A cyberattack targeted unreleased music sessions from an alternative rock band's archived mini discs, with hackers demanding a ransom to prevent public release. The group refused payment and instead independently published the stolen 18 hours of material under the title MINIDISCS [HACKED], making it available for purchase with all proceeds directed to an environmental activism organization. The compromised content consisted of recordings not originally intended for public distribution. By proactively releasing the material, the band neutralized the attackers' leverage while converting the incident into a charitable initiative supporting ecological causes.

Sep 1996

MediaQMI Inc.

Canada

Canoe.ca experienced a data breach compromising personal information of approximately one million users, including names, email and mailing addresses, and phone numbers collected through site interactions such as contests and forums. The company confirmed no financial data was affected, initiated an investigation with security experts, notified law enforcement and privacy authorities, and established a dedicated contact line for impacted individuals.

Jan 2000

Porsche Japan

Japan

Porsche Japan experienced a data breach compromising customer information through unauthorized access, exposing over 28,000 email addresses primarily linked to online brochure requests. Potentially affected data included names, physical addresses, telephone numbers, and income details stored during customer interactions. The incident involved historical records of consumer engagements, resulting in significant exposure of personal identifiers and sensitive financial attributes.

Dec 2004

Israeli Government

Israel

A sophisticated cyber espionage campaign, attributed to Iranian actors and named Infy, targeted Israeli entities and a U.S. government organization through spear phishing emails containing malicious documents. The malware, delivered via compromised Israeli email accounts, employed evasion techniques such as delayed activation until system reboot, then harvested sensitive data including keystrokes, browser credentials, and cookies for exfiltration to command-and-control infrastructure. The operation demonstrated sustained refinement over years, incorporating regional targeting tactics and adapting to new technologies like the Microsoft Edge browser. Evidence from infrastructure analysis, including domain naming patterns and server locations, pointed to Iranian involvement, with the campaign focusing on governmental, commercial, and even domestic targets for intelligence collection while maintaining a low profile to avoid detection.

Jan 2006

Lawrence Berkeley National Laboratory

United States of America

Two Chinese nationals associated with the APT10 hacking group, operating in conjunction with China's Ministry of State Security, conducted a global cyber espionage campaign targeting intellectual property and confidential business data. The group compromised managed service providers to access client networks and infiltrated technology companies and government agencies, stealing sensitive information across sectors including aviation, healthcare, biotechnology, telecommunications, and energy. Their operations involved unauthorized access to hundreds of gigabytes of proprietary data, leveraging stolen credentials and infrastructure to sustain intrusions over multiple years. The campaign impacted numerous U.S. entities through coordinated theft of technological and commercial secrets.

Jan 2006

Goddard Space Flight Center

China

Chinese state-sponsored hackers associated with the APT10 group infiltrated a U.S. space research center and numerous technology firms through sustained cyber espionage campaigns. Operating under China's Ministry of State Security, the attackers compromised managed service providers to access sensitive networks, stealing intellectual property and confidential data across critical sectors including satellite technology, aviation, healthcare, and energy. The breach at the NASA facility formed part of broader operations targeting over 45 companies and government agencies, resulting in the theft of hundreds of gigabytes of proprietary information spanning industrial automation, telecommunications, and biotechnology over more than a decade.

Jan 2006

NASA Jet Propulsion Laboratory

United States of America

Chinese state-sponsored hackers associated with the APT10 group conducted a decade-long cyber espionage campaign targeting managed service providers, technology firms, and government entities to steal intellectual property and sensitive business data. The attackers compromised IT infrastructure to access victim networks globally, exfiltrating hundreds of gigabytes of proprietary information across diverse sectors including aviation, satellite technology, healthcare, telecommunications, and energy exploration. The operation involved leveraging MSP access to infiltrate client systems and systematically harvest confidential technological and commercial data.

Jan 2008

Bank of North Dakota

United States of America

Hackers affiliated with @TheFamilyMethod, operating under the alias @hackinyolife ("Fear"), publicly claimed responsibility for compromising the Bank of North Dakota and released transaction logs containing 124 records. The exposed data included cardholder postal addresses, payment card types, the last four digits of card numbers, transaction authorization codes, and merchant details, though consumer names were not present in the logs. The financial institution did not respond to inquiries from a cybersecurity outlet seeking confirmation of the breach's authenticity after being notified of the data disclosure.

Mar 2008

Yale University

United States of America

Yale University disclosed a past data breach impacting approximately 119,000 individuals, including members, alumni, faculty, and staff, stemming from unauthorized access to a database over a decade ago. Compromised information included names, Social Security numbers, and dates of birth for most victims, with some also experiencing exposure of email and physical addresses; no financial data was accessed. The intrusion remained undetected until a recent server review, despite prior database maintenance activities that deleted personal information without uncovering the breach.

Jan 2009

The Boeing Company

United States of America

A Chinese businessman collaborating with unidentified individuals in China orchestrated cyber intrusions targeting Boeing and other aerospace firms, stealing sensitive military aircraft data including details on fighter jets and cargo planes to advance Chinese aviation capabilities. The defendant, arrested in cooperation with international law enforcement, allegedly facilitated the theft to enable technological gains, as evidenced by communications stating the intent to rapidly catch up with US defense industry standards.

Jan 2009

Lockheed Martin

United States of America

A Chinese aerospace executive was charged with conspiring to hack major US defense contractors, including Lockheed Martin, to steal sensitive military aircraft data such as designs for the F-22, F-35, and C-17 programs. Working with China-based hackers, the individual facilitated unauthorized access to corporate networks over several years, intending to transfer proprietary information to benefit Chinese aviation development. The suspect was arrested overseas through international law enforcement cooperation and allegedly described the stolen data as enabling China to rapidly advance its aerospace capabilities by building upon US technology.

Oct 2009

University of Alabama

United States of America

The University of Alabama disclosed a historical unauthorized access incident involving a server at its Brewer-Porch Children’s Center, discovered during preparations to decommission outdated equipment. The breach exposed personal and medical information of former clients, alongside Social Security numbers and employment-related data of employees and medical providers associated with the center over a multi-year period. Approximately 1,400 individuals were impacted, with foreign-origin login activity identified as the intrusion vector. The institution provided notifications to affected parties in compliance with regulatory obligations.

Jan 2010

Dimension Data

China

A group of Chinese state-sponsored hackers known as APT10 conducted a prolonged cyber espionage campaign targeting multiple global technology service providers, including Dimension Data, by compromising their cloud infrastructure to access client networks. The attackers exploited vulnerabilities in outsourced IT services to steal sensitive corporate and government data, aiming to advance Chinese economic interests. Despite security efforts and a diplomatic agreement against economic espionage, the hackers persisted, leveraging compromised providers as launchpads for further intrusions. The incident revealed systemic challenges in cloud security and information sharing, as service providers often withheld breach details from affected clients due to legal and reputational concerns, potentially leaving many victims unaware of compromises.

Jan 2010

APT17

China

APT17, a cyber-espionage group linked to China's Ministry of State Security via its Jinan bureau, was exposed by Intrusion Truth, an anonymous cybersecurity collective. The group identified three individuals operating as contractors for the ministry, alleging they conducted on-demand hacking operations from Jinan. This revelation followed Intrusion Truth's prior successful doxing of Chinese state-linked APT groups APT3 and APT10, which led to U.S. Department of Justice indictments. The exposure reinforced established patterns of Chinese state-sponsored cyber operations, though Chinese hacking activities reportedly continued despite previous indictments and naming efforts.

Jan 2010

Computer Sciences Corporation

China

A Chinese state-linked hacking group, APT10, conducted a prolonged cyber espionage campaign targeting multiple technology service providers and their clients through compromised cloud computing infrastructures. The attackers exploited vendor networks, including Hewlett Packard Enterprise, to steal corporate and government secrets, aiming to advance Chinese economic interests. Despite detection efforts and a diplomatic agreement against economic espionage, the campaign persisted, hindered by service providers withholding breach details due to liability and reputational concerns. This lack of transparency left many victims unaware of compromises, underscoring systemic vulnerabilities in cloud security and challenges in coordinated cyber defense.

Jan 2010

Ericsson

China

A Swedish telecoms equipment giant was repeatedly targeted by suspected Chinese state-sponsored hackers over multiple years, compromising its systems through a breached IT service provider's cloud platform. The attackers, linked to China's Ministry of State Security and identified as APT10, exploited cloud service vulnerabilities to steal corporate and government secrets, persisting despite security countermeasures and international agreements against economic espionage. The incident exposed systemic challenges as service providers withheld critical breach details from affected clients, hampering response efforts and leaving many victims unaware of compromises. This campaign underscored inherent security risks in outsourced cloud computing models while demonstrating advanced threat actors' ability to maintain prolonged access for intellectual property theft.

Jan 2010

Ant Group

China

A former Alipay employee and two accomplices were apprehended for stealing and selling customer data, including phone numbers, addresses, email accounts, and transaction records, to e-commerce companies seeking advertising targets. The payment platform detected the unauthorized activity during internal audits and reported it to law enforcement, leading to the suspects' custody. The stolen information, totaling approximately 20 gigabytes, was extracted from internal systems over multiple years, though sensitive financial details like encrypted bank card numbers and payment passwords remained secure. The incident highlighted broader concerns about personal data trafficking, with authorities noting similar patterns in other cases involving criminal networks exploiting stolen information for fraudulent transactions.

Jan 2010

Hewlett Packard Enterprise

China

Hewlett Packard Enterprise's cloud computing services were compromised by suspected Chinese state-sponsored hackers linked to the Ministry of State Security, enabling attackers to use the company as a launchpad for infiltrating customer networks. The campaign, known as Cloud Hopper and attributed to group APT10, targeted multiple technology firms and government entities to steal corporate secrets for economic espionage purposes. Despite security countermeasures and international agreements against cyber-enabled industrial spying, the attackers persistently exploited cloud service vulnerabilities over several years. The incident revealed systemic challenges in threat response, as service providers reportedly withheld critical breach information from affected clients, potentially limiting damage assessments and remediation efforts while exposing broader risks in outsourced IT infrastructure.

Jan 2010

Nuclear Regulatory Commission

United States of America

The Nuclear Regulatory Commission experienced multiple cyber intrusions involving credential harvesting through phishing emails that directed employees to malicious cloud-based documents, resulting in compromised systems and unauthorized access. Attackers employed spearphishing with malware-laden links and exploited a personal email account to distribute malicious PDF attachments, leading to further infections. Investigations traced some activities to foreign entities, though specific nations were unidentified, with experts suggesting potential nation-state involvement due to the sensitive nature of the agency's oversight of nuclear infrastructure. The breaches prompted system clean-ups, profile resets, and enhanced employee training, while the commission emphasized its existing security measures mitigated most attack attempts.

Menu