View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
February 25, 2016updated 31 Aug 2016 12:40pm

HSBC online banking, HMRC tax return, Alibaba, and the biggest cyber attacks so far in 2016

List: Thought cyber security was going to have a quieter year in 2016? Think again.

By Charlotte Henry

CBR rounds up the major cyber attacks so far in 2016

The cyber war shows now signs of slowing in 2016. New vulnerabilities and new attacks are emerging constantly. Google and Red Hat announced that it had found a vulnerability in the regularly used glibc code, which meant that it could be exploited to allow remote access to a variety of different devices. Devices potentially affected included computers and routers, and users were warned to patch Linux urgently.

There have been significant attacks seen out in the wild too in the first two months of 2016, which have had serious consequences for both companies and consumers alike.

time warner cable arena

1. Time Warner Cable password theft

The passwords and email addresses of 320,000 TimeWarner Cable were compromised in early January 2016. The company was unsure at the time whether the breach had been due to malware downloaded after a phishing attack, or if it had come through one of the other firms that store its information. It insisted that its own systems had not been breached.

The company had been informed of the attack on January 6th 2016 by the FBI. It came to light after a series of service outages towards the end of 2015, such as one in November, December 27th, and New Years Day.

2. HSBC hit by DDoS

Customers were unable to access their HSBC online accounts on January 29th 2016, after HSBC was hit by a DDoS attack. While the bank tweeted "We successfully defended out systems", and said that transactions were not affected, online personal banking services went offline for a period of time.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Although the bank began restoring services by the afternoon, there was significant concern amongst customers, as the attack came just two days before the deadline for completing self assessment online tax returns, as well as close to payday for many.

3. Alibaba’s Taobao customers attacked

On February 4th 2016, Chinese state media declared that online retail giant Alibaba had been hit by a cyber attack, with its Taobao online marketplace compromised. Hackers tried to access the records of over 20m users, using Alibaba’s own cloud services.

While not all those accounts were ultimately breached, some of them were. While Alibaba declined to give a number of the number of accounts ultimately breached, it recommended users changed their password. The firm’s shares took a hit as news of the attack emerged.

4. Tax return account phishing

HMRC received around 9m online tax returns in the run up to January 31st 2016 filing deadline, all containing information highly valuable to cyber criminals. Prior to the deadline, millions of taxpayers received phishing emails whereby hackers took the username and password of their online tax returns, and get money by making fraudulent tax rebate claims.

HMRC claimed to have fended off around 17000 attempted fraudulent and incorrect claims totalling £100m during the last year, and a spokesperson told CBR at the time of the attack that its computer systems have not been breached. However, a Sunday Times journalist confirmed to the paper that their account had been hacked, with a claim flagged as fraudulent.

5. Hollywood Hospital ransomware

The Hollywood Presbyterian Medical Centre was taken offline for almost a fortnight after it systems were taken over by ransomware. Hospital officials said that the attack appeared to be random, instead of being targeted directly at it, and said that medical records had not been accessed and that it continue to provide essential care.

Ultimately though, it had to cough up a hefty ransom to regain access to its data, an action that remains highly controversial as it could encourage other attacks. At first it was reported by news local to the hospital that the hackers were demanding as much as 9,000 bitcoins, about $3.4m, however the final ransom paid was 40 Bitcoins, about $17,000.


Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.