If March 2016 was the month of Ransomware, April 2016 was surely the month of voter data with more than 140 million records being available online after both the Philippines and the Mexican voter databases were breached affecting 55 million and 93.4 million records respectively.
April was also the month when the Panama Papers finally came to light through the work of ICIJ and other media organizations around the world. The hack, which exposed all of the dealings of Mossack Fonseca, happened more than a year ago, but with 2.1TB of data to sift through it took some time for all the information to come to be revealed.
In the meantime, let’s countdown the top 10 hacks, attacks and vulnerabilities of April 2016
Mexican voter database publicly available
Chris Vickery, security researcher at MacKeeper, discovered an unsecured database containing 93 million Mexican names, addresses, dates of birth and voter ID numbers. The breach was discovered on April 14 when Vickery discovered the database hosted on an Amazon cloud server, was publicly available. The seriousness of this breach is made even more worrying when taking into consideration the kidnapping problem in Mexico, making this kind of information very dangerous in the hands of cartels. Vickery eventually managed to get in touch with Mexican authorities and on April 22 the database was no longer publicly available.
55 million Philippines voters’ details leaked
Before the Mexican voter database leak, there was another massive breach, this time affecting 55 million Filipino voters. Very sensitive information, which included passport and fingerprint data, was also included in the data dump. However, the Philippines’ Commission on Elections (COMELEC) played down the breach and said that no sensitive information was made available. Hacker group LulzSec have taken responsibility for posting the entire database online.
The Panama papers
Described as the largest leak in the history of breaches so far, the Panama Papers consist on more than 11 million leaked files that exposes a number of people who use offshore tax companies to facilitate illegal activities from tax evasion to money laundering. Hidden in these files are 140 politicians from more than 50 countries who are connected to offshore companies in 21 tax havens. On May 9 the International Consortium of Investigative Journalists will be releasing a searchable database with information on more than 200,000 offshore entities.
Qatar National Bank suffers breach
Around 1.4GBs of data, which included sensitive documents from the Qatar National Bank, was leaked and posted on a whistleblower site called Cryptome on April 2016. There are a total of 15,460 files which includes “passwords, PINs and payment card data, for hundreds of thousands of the bank customers’ accounts” according to Bank Info Security.
Minecraft Lifeboat hack
Minecraft community Lifeboat was hacked with more than 7 million accounts were exposed and the data included email addresses and weakly hashed passwords. The breach was made public by security researcher Troy Hunt who runs the “Have I been pwned” website who said it was passed on to him by someone who is involved in trading data. When Motherboard talked to some of the victims they expressed their disbelief at not being notified by Lifeboat about the breach.
More porn users compromised
In yet another breach, this time affecting porn users of Naughty America. Around 3.8 million records which include emails and account passwords turned up on the Dark Web and were offered for sale for just $300. Researchers attributed the low price tag to the fact that the passwords had strong encryption in place.
Spotify accounts are once again shared online
Once again, hundred of Spotify accounts found their way on Pastebin. The data included emails, usernames, passwords and accounts types, and unfortunately, it’s not the first time Spotify accounts were pasted on the site, but it can be the case that these details are from an older breach, rather than a new one. Some Spotify users said they noticed their accounts were hacked because they saw weird activity in their “recently played” songs.
The BadLock bug
In March the security industry started talking about the BadLock vulnerability. It came with a bold red logo and a dedicated website. Badlock is a security defect affecting access to Active Directory and it can be found in every version of Windows and Linux. The hype is indeed justified, especially for those sysadmins that don’t patch their systems right away, but instead of the vulnerability being the centerpiece of the news, it all started revolving around the hype created instead.
Yearly tax scams rear their ugly head
In the US, April is known as Tax Month, and this year the usual slew of tax scams made their way into users’ inboxes. The IRS website keeps a detailed page of all the scams that crop up and this tax season there was a bountiful of them. One of the scams revolves around W-2 scams and targeted payroll and HR professionals. The phishing email would contain the actual name of the company’s CEO asking the HR department for a list of employees together with other personal information.
Even more ransomware
Ransomware isn’t missing a beat and in April users were presented with the JIGSAW ransomware, referring to the Jigsaw character in the Saw movies. This new “creepy” type of ransomware comes complete with a time limit of 24 hours to pay the ransom or else all data is deleted.