J003-Content-Hack-hall-of-shameV2_SQIf March 2016 was the month of Ransomware, April 2016 was surely the month of voter data with more than 140 million records being available online after both the Philippines and the Mexican voter databases were breached affecting 55 million and 93.4 million records respectively.

April was also the month when the Panama Papers finally came to light through the work of ICIJ and other media organizations around the world. The hack, which exposed all of the dealings of Mossack Fonseca, happened more than a year ago, but with 2.1TB of data to sift through it took some time for all the information to come to be revealed.

In the meantime, let’s countdown the top 10 hacks, attacks, and vulnerabilities of April 2016

Mexican voter database publicly available

Chris Vickery, security researcher at MacKeeper, discovered an unsecured database containing 93 million Mexican names, addresses, dates of birth and voter ID numbers. The breach was discovered on April 14 when Vickery found the database hosted on an Amazon cloud server, was publicly available. The seriousness of this breach is made even more worrying when taking into consideration the kidnapping problem in Mexico, making this kind of information very dangerous in the hands of cartels. Vickery eventually managed to get in touch with Mexican authorities, and on April 22 the database was no longer publicly available.


55 million Philippines voters’ details leaked

Before the Mexican voter database leak, there was another massive breach, this time affecting 55 million Filipino voters. Very sensitive information, which included passport and fingerprint data, was also included in the data dump. However, the Philippines’ Commission on Elections (COMELEC) played down the breach and said that no sensitive information was made available. Hacker group LulzSec has taken responsibility for posting the entire database online.

The Panama papers

Described as the largest leak in the history of breaches so far, the Panama Papers consist on more than 11 million leaked files that expose many people who use offshore tax companies to facilitate illegal activities from tax evasion to money laundering. Hidden in these files are 140 politicians from more than 50 countries who are connected to offshore companies in 21 tax havens. On May 9 the  International Consortium of Investigative Journalists will be releasing a searchable database with information on more than 200,000 offshore entities.

Qatar National Bank suffers a breach

Around 1.4GBs of data, which included sensitive documents from the Qatar National Bank, was leaked and posted on a whistleblower site called Cryptome on April 2016. There are a total of 15,460 files which includes “passwords, PINs, and payment card data, for hundreds of thousands of the bank customers’ accounts” according to Bank Info Security.

Minecraft Lifeboat hack

Minecraft community Lifeboat was hacked with more than 7 million accounts were exposed, and the data included email addresses and weakly hashed passwords. The breach was made public by security researcher Troy Hunt who runs the “Have I been pwned” website who said it was passed on to him by someone who is involved in trading data. When Motherboard talked to some of the victims, they expressed their disbelief at not being notified by Lifeboat about the breach.

More porn users compromised

In yet another breach, this time affecting porn users of Naughty America. Around 3.8 million records which include emails and account passwords turned up on the Dark Web and were offered for sale for just $300. Researchers attributed the low price tag to the fact that the passwords had strong encryption in place.

Spotify accounts are once again shared online

Once again, hundred of Spotify accounts found their way on Pastebin. The data included emails, usernames, passwords and accounts types, and unfortunately, it’s not the first time Spotify accounts were posted on the site, but it can be the case that these details are from an earlier breach, rather than a new one. Some Spotify users said they noticed their accounts were hacked because they saw weird activity in their “recently played” songs.

The BadLock bug

In March the security industry started talking about the BadLock vulnerability. It came with a bold red logo and a dedicated website. Badlock is a security defect affecting access to Active Directory, and it can be found in every version of Windows and Linux. The hype is indeed justified, especially for those sysadmins that don’t patch their systems right away, but instead of the vulnerability being the centerpiece of the news, it all started revolving around the hype created instead.

Yearly tax scams rear their ugly head

In the US, April is known as Tax Month, and this year the usual slew of tax scams made their way into users’ inboxes. The IRS website keeps a detailed page of all the scams that crop up and this tax season there was a bountiful of them. One of the scams revolves around W-2 scams and targeted payroll and HR professionals. The phishing email would contain the actual name of the company’s CEO asking the HR department for a list of employees together with other personal information.

Even more ransomware

Ransomware isn’t missing a beat, and in April users were presented with the JIGSAW ransomware, referring to the Jigsaw character in the Saw movies. This new “creepy” type of ransomware comes complete with a time limit of 24 hours to pay the ransom or else all data is deleted.


Get your free 30-day GFI LanGuard trial

Get immediate results. Identify where you’re vulnerable with your first scan on your first day of a 30-day trial. Take the necessary steps to fix all issues.