In-Depth

UPDATED: Anonymous/LulzSec Hack Timeline

Includes confirmed and denied incidents by both groups, allegedly, as well as notable events (as of January 2011).

(Updated August 23, 2011)

Below you'll find a chart outlining public attacks credited to Anonymous and/or LulzSec in 2011.

Incidents the group(s) have taken credit for through one of LulzSec's (site/twitter feed) or Anonymous' (e.g., video, press statement, unofficial twitter feed) traditional methods are marked as Confirmed. Those the organization(s) publicly denied are marked as Denied. Otherwise they are left unnoted. Gray shading indicates a notable event in the timeline not related to a specific hack (e.g., both groups announcing #AntiSec).

We will update this list with new items as they happen. If you spot an error or something we missed, please contact us right away at [email protected] or post in the comments below.

Date

Incident

Confirmed/Denied

9/22/11

Anonymous and LulzSec Hack Arrest: Two individuals believed to be a part of the hacker groups Anonymous and LulzSec were arrested by FBI after the proxy server used to hide their location failed.

9/09/11

Anonymous Releases Twitter Hacking Tool: The hacking group released an online tool to the public that would allow someone to dictate what shows up on millions of Twitter feeds.

8/22/11

Vanguard Defense Industries, a Texas-based aerospace and defense firm, was hit by a DDoS attack and 1 GB of personal information from company employees leaked online.

Confirmed: Anonymous released a note with the hijacked data, saying the company had a "sinister alliance with law enforcement."

8/14/11

The Web site for San Francisco's BART trait system was taken online and personal information of registered members was released online.

Confirmed: Anonymous released a statement earlier in the day, saying it was going to take down the site and publish the user data.

8/07/11

Personal information of around 45,000 police officers from Ecuador was released online.

Confirmed: Anonymous took credit, saying, "Ecuador Government threatens #Anonymous: Our response? Leaking data of 45000 police officers."

8/06/11

Over 10G of data from 76 rural U.S. Sheriff's offices were leaked online after hacking their third-party hosting site last week.

Confirmed: A Twitter response from Anonymous said it was part of its AntiSec operation and was retaliation for the massive arrests of members last month.

7/30/11

After British news Web Site The Sun was hacked on 7/18, data from that breach was leaked online.

Confirmed: Anonymous posted information on potential contestants entering the Miss Scotland pageant. The info was taken from The Sun Web site.

7/29/11

Information from FBI contractor ManTech and e-mails from the Department of Homeland Security were leaked online after a DDoS attack of their Web sites.

Confirmed: Anonymous took credit, saying it was part of its AntiSec operation. "Enjoy 390MB internal docs from FBI-DoD cyber-security contractor Mantech."

7/28/11

More than 500mb of NATO data was leaked after the organization's systems were breached.

Confirmed: Anonymous once again took to Twitter to claim credit. "NATO, this was your leak. Expected us?"

7/27/11

Hackers Call for PayPal Boycott: Anonymous and Lulzsec sends out another joint statement, this time calling for the boycott of PayPal over its choice to withhold donated funds to those running Wikileaks.

7/22/11

Message to FBI: In the wake of the arrests, Anonymous and LulzSec send a joint message saying that the raids would not stop the groups from operating. In the letter, the groups said, "We are not scared any more. Your threats to arrest us are meaningless to us as you cannot arrest an idea."

7/19/11

FBI Arrests 14: Arrests were made in California, New York, Florida and New Jersey of suspected members of Anonymous in an nationwide investigation by law enforcement officials.

7/18/11

Anonymous Starts Social Network: The hacker group Anonymous has started its own social network site after its group on Google+ was removed for violating Google's "community standards."

7/18/11

British newspaper Web site of The Sun was hacked and visitors were redirected to a homepage with the false news of Rupert Murdoch's death.

Confirmed: After staying relatively quiet since its announcement of joining Anonymous on 06/26, LulzSec took credit for the hack.

7/13/11

Information on 25,000 employees of U.S.-based global biotech seed company Monsanto was leaked online.

Confirmed: Anonymous admitted the hack on Twitter, saying it was part of its "Operation Green Rights" campaign.

7/11/11

Over 90,000 U.S. military e-mail addresses were leaked online. Confirmed: Anonymous took credit, saying it is part of its "Military Meltdown Monday.

7/03/11

Apple's server was broken into and a list of username and passwords were published online. Confirmed: Anonymous Tweeted that it had been involved, and the actions were taken in part of its AntiSec operation.

7/01/11

A third hack of Arizona law enforcement took place, and information on 1,200 officers were released. Confirmed: Tweet from Anonymous: "Arizona Police: Just unplug your network. Give up. You don't want to battle the #AntiSec fleet of the Internet. Let it flow

6/28/11

A collection of data stolen from Vivendi SA's Universal Music Group and Viacom Inc. was posted in a public torrent file. Confirmed: Anonymous Tweeted responsibility and said this is the first leak released by AntiSec, the merged group made up of Anonymous and LulzSec.

6/28/11

Government data from Anguilla and passwords from a Brazillian government server was leaked on the Internet today. Confirmed: Anonymous Tweeted the following message: "Starting with the userbase of Zimbabwe, rather small... But wait, we have some major U.S. companies left."

6/27/11

The Tunisian government Web site was again hacked (see 1/3/11 entry below), with a message saying Anonymous was responsible placed on the homepage. Confirmed: Anonymous released a video statement that said the attack was done because the Tunisian government had ignored previous demands for an end to the country's practice of Internet censorship.

6/26/11

LulzSec Retires: LulzSec releases a statement saying that after 50 days of leaks and hacks, it is done. "50 day torrent" released. LulzSec suggests its followers join Anonymous' activities, and the Anon unofficial twitter feed posted that "LulzBoat and its crew will now sail under the #AntiSec banner."

6/24/11

Global Banking Records: A call-to-action video is released online, claiming it is from Anonymous, outlining a plan to leak confidential documentation of wealthy individuals and banks in Europe.

6/23/11

A torrent package containing confidential documents from Arizona law enforcement is released online. The release stated it was done in protest of Arizona Senate Bill SB1070. Confirmed: LulzSec announced "Chinga La Migra" on its Twitter feed and posts files to its site, saying it was done in retaliation to the Arizona immigration act.

6/23/11

UK-based newspaper The Sun is attacked by a DDoS exploit. The news organization speculates LulzSec retaliated after the paper's coverage of an accused hacker. Denied: LulzSec tweeted: "Clearing up yet more failed attempts at framing: we didn't attack The Sun or The Times in any way with any kind of DDoS attack. Cheers."

6/21/11

A UK police Web site was taken down after multiple attacks (happened soon after police claimed they had arrested a member of LulzSec). Confirmed: LulzSec stated this was part of #AntiSec. Denied that person arrested was anything more than someone "mildly associated" with the group. Charges were not related to LulzSec incidents.

6/21/11

Data from the 2011 UK census was rumored to have been compromised in the Anonymous-LulzSec joint operation. Denied: LulzSec denied involvement via its Twitter feed.

6/20/11

The official Orlando, Fla. Web site was hacked and a message saying "boycott Orlando" was placed. Confirmed: Anonymous released a video statement saying the action was taken after a member of Food Not Bombs, a group that feeds the homeless, was arrested after handing out food.

6/20/11

Anon/LulzSec Join Forces: "Operation Anti-Security" (#AntiSec), a joint operation between Anonymous and Lulzsec, is announced online. Term based on the existing AntiSec movement.

6/17/11

1.3 million Sega users had information stolen including member names, e-mail addresses, birthdays and passwords. Denied: LulzsSec denied it was responsible for this hack on its Twitter feed and posted the following message: "@Sega - contact us. We want to help you destroy the hackers that attacked you."

6/17/11

LulzSec 1,000 Tweet Statement: LulzSec posts a document stating that the group's goal is to "...to draw attention to the poor state of Internet security" and asks others to "join the rebellion."

6/16/11

A list of 62,000 e-mail addresses and passwords surface online. Confirmed: Leaked e-mail addresses posted to the LulzSec site. LulzSec Tweeted that the file containing the list had been downloaded 2,100 times in the first four minutes available.

6/15/11

Multiple Malaysian government Web sites go down, thanks to a DDoS attack. Anonymous had previously circulated an image calling others to attack the country's Web sites that night.

6/15/11

CIA Web site is brought down in a DDoS attack. Tweet from LulzSec: "Tango down - cia.gov - for the lulz." No mention on Web site or press release issued.

6/14/11

In an event coined "Titanic Takeover Tuesday," online video game site The Escapist, MMORPG EVE Online, Minecraft and League of Legends, and security company Finfisher all suffered DDoS attacks. Confirmed: LulzSec, once again, posted a message on Twitter taking responsibility.

6/13/11

The Spanish police Web site becomes the next victim in a DDoS attack. Confirmed: A statement was released by Anonymous, saying it took the action after three were arrested in Spain in association with the hacker collective.

6/13/11

A U.S. Senate spokesperson confirmed that the Senate Web site had been breached, but no sensitive data was taken. Confirmed: LulzSec Tweeted that it had hacked the U.S. Senate Web site and provided a link to internal data from the site.

6/12/11

A documented network intrusion of video game maker Bethesda Softworks and ZeniMax Media surfaces online. Confirmed: LulzSec took the credit, saying it didn't release user data because it likes the companies. Press release here.

6/10/11

A list of user data from porn Web sites is released online. The list includes e-mail addresses from worldwide government officials. Confirmed: LulzSec said it did it on Twitter "Just for mild fun!" File of addresses available on LulzSec Web site.

6/09/11

Turkey's government Web site suffers a DDoS attack. Confirmed: Anonymous takes credit in a YouTube video, saying the attack was brought on by the censorship standards in Turkey.

6/08/11

After advertising a cash prize for the hack of its Web Site, security firm Black & Berg Cybersecurity Consulting was breached. LulzSec claimed responsibility via a post on the security firm's Web site, but deferred the cash prize, saying it had done it "...for the LULZ." No confirmation on Twitter or its site was made.

6/06/11

Sony is targeted again, with its BMG Web site being mapped and SCE developer code posted. Confirmed: LulzSec announced the hack on Twitter and posted the "Sownage" hack links to the release page on its site.

6/05/11

Information featuring names, e-mail addresses and passwords of select Middle Easter politicians is leaked online. Confirmed: A document with the information was reportedly released by Anonymous, saying the motivation was "...in support of Arab revolutions...."

6/03/11

LulzSec releases information on a security hole in Nintendo's online service. Confirmed: The group responded that it posted the information as a courtsey to Nintendo to fix the security issue.

6/03/11

InfraGard, an FBI affiliation agency, had 180 passwords of members leaked and uploaded online. Confirmed: LulzSec Tweeted it had obtained and uploaded the information as part of its "F*** FBI Friday" Press release here.

6/02/11

A SQL injection was used to extract over 1 million users' information and e-mail addresses from a Sony promotion site. Confirmed: LulzSec Twitter post: "1,000,000+ unencrypted users, unencrypted admin accounts, government and military passwords saved in plaintext. #PSN compromised. @Sony" Leaked data/press release on LulzSecurity.com Web site

5/29/11

A zero-day exploit was used to extract press credentials for the PBS Web site, allowing others to access and plant fake news stories on its homepage.

Confirmed: LulzSec, once again, turned to Twitter to confirm responsibility. It stated that it performed the operation in response to PBS's unfavorable coverage of the Wikileaks.

5/15/11

A document on Lulzsecurity.com leaks information on owners and locations of specific ATM machines in Great Britain. Confirmed: Before the information was released, a Twitter message from @LulzSec said, "Oh I have an idea... let's leak 3100 basic ATM details (machine ID, latitude, longitude, company owner, etc, nothing too special) tonight :D"

5/10/11

Fox Web sites encounter a breach, and sales information, admin and employee data are leaked online. Confirmed: LulzSec posted on Twitter; files on LulzSecurity.com Web site.

5/07/11

Personal information on contestants from the Fox British TV show "X-Factor" was leaked and posted on lulzsecurity.com. Confirmed: First confirmed LulzSec hack; in note, organization warned that this would be the first of many security leaks, done with the motivation "...to spread fun, fun, fun...."

4/17/11

Sony's PlayStation Network is compromised, causing the company to take down the online service for almost a month. Denied: Sony blamed Anonymous, but the group denied it in a press statement.

4/02/11

A series of DDoS attacks take place on Sony Web sites. Confirmed: Anonymous released a statement saying it had begun "Operation: Payback" in response of the legal litigation against an individual responsible for releasing source code to the company's PS3.

3/14/11

E-mails from previous employees of Bank of America were posted in an effort to show the "corruption and fraud" of the bank The e-mails were posted to bankofamericasucks.com, which redirected readers to a site run by the Twitter feed of an unofficial spokesperson of Anonymous.

2/28/11

Conservative advocacy group Americans for Prosperity, run by Koch Industries, was taken down by a DDoS attack. Confirmed: Anonymous released a press statement, saying it began attacks on Koch Industries and the advocacy group because of its "manipulate the political agenda in Wisconsin," specifically in the worker union issue in that state.

2/06/11

After announcing it had identified members of Anonymous, security firm HBGary suffered an attack on its Web site and executive e-mails from members were uploaded to file sharing networks. Confirmed: Anonymous took credit by posting a YouTube video and stated that the information gathered by HBGary on Anonymous was false.

2/02/11

In conjunction with the revolt of Hosni Mubarak in Egypt, the Egyptian government Web site was breached using a DDoS exploit. Confirmed: Anonymous took credit for the attack in a Twitter post: "Welcome back to the Internet, #Egypt. Well, except http://www.moiegypt.gov.eg -- you stay down."

1/10/11

Fine Gael, the centralist party in Ireland, had its Web site hijacked. The official homepage was replaced by the Anonymous logo and a message that read "Nothing is safe, you put your faith in this political party and they take no measure to protect you." Anonymous never confirmed its involvement, and, unlike previous attacks, a DDoS exploit was not used.

1/03/11

Tunisian Government Web Sites hacked using DDoS exploit Confirmed: Anonymous issued a press release saying it had taken the action after the Tunisian government blocked the Wikileak cables.

 

 

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

Featured

comments powered by Disqus

Subscribe on YouTube

Upcoming Training Events

0 AM
TechMentor @ Microsoft HQ
August 11-15, 2025