Published June 21, 2011
Just a day after hacker group LulzSec teamed up with underground associates Anonymous and openly declared war on the U.S. government – among other high profile international institutions, the UK has struck back, allegedly arresting a British teenager suspected of being a mastermind behind an organization veiled in secrecy. Here’s a look at how we got here.
May 7 – May 12: Fox
LulzSec hacks into the databases of TV show X-Factor, releasing contestant information including personal details. Fox’s databases, LinkedIn profiles and Twitter accounts were also compromised. The hackers proclaimed the attack was in defense of the rapper Common, who had been allegedly called “vile” on air.
"As its name suggests, LulzSec claims to be interested in mocking and embarrassing companies by exposing security flaws rather than stealing data for criminal purposes," said Ian Paul of PC World.
May 15: UK Banks
LulzSec infiltrates UK ATM transaction logs, stealing individual bank account details from 3100 ATMs.
May 23: Sony Japan
LulzSec publishes the “innards” of a Sony database, part of a long running campaign against the electronics and technology giant, stating on their Twitter that they “just want to embarrass Sony some more.”
May 30: PBS
LulzSec steals PBS passwords and publishes a fake article proclaiming that Tupac is alive after PBS aired a negative WikiLeaks documentary called WikiSecrets.
Jun 2, 6: Sony
LulzSec continues its rampage against Sony, stealing music codes, coupons, and customer details. “Everything we have will be published in multiple ways to ensure maximum embarrassment and exposure for Sony and their security flaws,” the group tweeted.
Jun 3: Infraguard
LulzSec sets its sights higher as it targets Infragard, an FBI affiliate, defacing its website and stealing email logs and personal information of owner Karim Hijazi.
Jun 8: Black & Berg
LulzSec hacks the cybersecurity consulting firm after it setup a $10,000 challenge for anyone who could change the picture on their front page.
Jun 9: British National Health Service
LulzSec emails the British NHS, informing them of a security vulnerability discovered by hackers. In the email, LulzSec states that they do not intend to exploit the flaw: “we mean you no harm and only want to help you fix your tech issues.”
Jun 10: Porn
LulzSec releases the passwords of 26,000 people from the user databases of 55 pornography websites. The reason? For “mild fun.”
Jun 13: U.S. Senate and Bethesda Softworks
LulzSec hacks the government website with Sophos reporting that “basic information” such as user logins and server config files were compromised.
Jun 15: Gaming Websites
LulzSec has a “DDoS party,” a coordinated distributed denial of service attack against various gaming websites: Escapist Magazine, Eve Online, Minecraft and League of Legends. The operation is dubbed “Titanic Take-down Tuesday.”
Jun 15: U.S. Central Intelligence Agency
LulzSec launches a denial-of-service attack on the CIA taking the website offline for three hours.
Jun 16: Random
LulzSec releases a random assortment of 62,000 emails and passwords to MediaFire. Literary website Writerspace.com later admits that the stolen information is from their site.
Jun 20: Operation Anti-Security
Lulzsec releases a statement announcing that it is teaming up with hacker group Anonymous, encouraging supporters to hack into, steal, and publish classified government information, essentially a declaration of cyberwarfare against big government and corporations.
The announcement was followed by a series of attacks, first targeting the Serious Organized Crime Agency (SOCA), a national law enforcement agency of the United Kingdom and then a Chinese government website, jhq.gov.cn.
Jun 21: First Arrest
Metropolitan Police announce that they have arrested a 19 year old man from Essex – allegedly a member of LulzSec. The sting is part of an operation carried out in cooperation with the FBI.
Jun 22: Hacker Teen Charged
19-year-old Ryan Cleary, rumored to be a member of the hacker outfit LulzSec, is with several offenses by British police, including one charge relating to the denial-of-service attack of Britain's Serious Organized Crime Agency -- the UK's FBI equivalent.
Though Clearly is widely believed to be a LulzSec associate, police have yet to mention the group by name and the LulzSec Twitter was quick to deny any connection.