List of security hacking incidents

1900

1903

• Magician and inventor Nevil Maskelyne disrupts John Ambrose Fleming's public demonstration of Guglielmo Marconi's purportedly secure wireless telegraphy technology, sending insulting Morse code messages through the auditorium's projector.

  1930s

1932

• Polish cryptologists Marian Rejewski, Henryk Zygalski and Jerzy Różycki broke the Enigma machine code.

  1939

• Alan Turing, Gordon Welchman and Harold Keen worked together to develop the codebreaking device Bombe. The Enigma machine's use of a reliably small key space makes it vulnerable to brute force.

  1940s

1943

• René Carmille, comptroller general of the Vichy French Army, hacked the punched card system used by the Nazis to locate Jews.

  1949

• The theory that underlies computer viruses was first made public in 1949, when computer pioneer John von Neumann presented a paper titled "Theory and Organization of Complicated Automata". In the paper, von Neumann speculated that computer programs could reproduce themselves.

  1950s

1955

• At MIT, "hack" first came to mean playing with machines. The minutes of an April 1955 meeting of the Tech Model Railroad Club state that "Mr. Eccles requests that anyone working or hacking on the electrical system turn the power off to avoid fuse blowing."

  1957

• Joe "Joybubbles" Engressia, a blind seven-year-old boy with perfect pitch, discovered that whistling the fourth E above middle C would interfere with AT&T's automated telephone systems, thereby inadvertently opening the door for phreaking.

  1960s

• Various phreaking boxes are used to interact with automated telephone systems.

  1963

• The first ever reference to malicious hacking is 'telephone hackers' in MIT's student newspaper, The Tech of hackers tying up the lines with Harvard, configuring the PDP-1 to make free calls, war dialing and accumulating large phone bills.

  1965

• William D. Mathews from MIT found a vulnerability in a CTSS running on an IBM 7094. The standard text editor on the system was designed to be used by one user at a time, working in one directory, and so it created a temporary file with a constant name for all instantiations of the editor. The flaw was discovered when two system programmers were editing at the same time and the temporary files for the message of the day and the password file became swapped, causing the contents of the system CTSS password file to display to any user logging into the system.

  1967

• The first known incidence of network penetration hacking took place when members of a computer club at a suburban Chicago area high school were provided access to IBM's APL network. In the Fall of 1967, IBM approached Evanston Township High School with the offer of four 2741 Selectric teletypewriter-based terminals with dial-up modem connectivity to an experimental computer system which implemented an early version of the APL programming language. The APL network system was structured into Workspaces which were assigned to various clients using the system. Working independently, the students quickly learned the language and the system. They were free to explore the system, often using existing code available in public Workspaces as models for their own creations. Eventually, curiosity drove the students to explore the system's wider context. This first informal network penetration effort was later acknowledged as helping harden the security of one of the first publicly accessible networks:

  1970s

1971

• John T. Draper, his friend Joe Engressia, and blue box phone phreaking hit the news with an Esquire magazine feature story.

  1979

• Kevin Mitnick breaks into his first major computer system, the Ark, the computer system Digital Equipment Corporation used for developing their RSTS/E operating system software.

  1980s

1980

• The FBI investigates a breach of security at National CSS. The New York Times, reporting on the incident in 1981, describes hackers as

  1981

• Chaos Computer Club forms in Germany.
• Ian Murphy, aka Captain Zap, was the first cracker to be tried and convicted as a felon. Murphy broke into AT&T's computers in 1981 and changed the internal clocks that metered billing rates. People were getting late-night discount rates when they called at midday. Of course, the bargain-seekers who waited until midnight to call long distance were hit with high bills.

  1983

• The 414s break into 60 computer systems at institutions ranging from the Los Alamos National Laboratory to Manhattan's Memorial Sloan-Kettering Cancer Center. The incident appeared as the cover story of Newsweek with the title "Beware: Hackers at play". As a result, the U.S. House of Representatives held hearings on computer security and passed several laws.
• The group KILOBAUD is formed in February, kicking off a series of other hacker groups that formed soon after.
• The movie WarGames introduces the wider public to the phenomenon of hacking and creates a degree of mass paranoia about hackers and their supposed abilities to bring the world to a screeching halt by launching nuclear ICBMs.
• The U.S. House of Representatives begins hearings on computer security hacking.
• In his Turing Award lecture, Ken Thompson mentions "hacking" and describes a security exploit that he calls a "Trojan horse".

  1984

• Someone calling himself Lex Luthor founds the Legion of Doom. Named after a Saturday morning cartoon, the LOD had the reputation of attracting "the best of the best"—until one of the most talented members called Phiber Optik feuded with Legion of Doomer Erik Bloodaxe and got 'tossed out of the clubhouse'. Phiber's friends formed a rival group, the Masters of Deception.
• The Comprehensive Crime Control Act gives the Secret Service jurisdiction over computer fraud.
• Cult of the Dead Cow forms in Lubbock, Texas, and begins publishing its ezine.
• The hacker magazine 2600 begins regular publication, right when TAP was putting out its final issue. The editor of 2600, "Emmanuel Goldstein", takes his handle from the leader of the resistance in George Orwell's Nineteen Eighty-Four. The publication provides tips for would-be hackers and phone phreaks, as well as commentary on the hacker issues of the day. Today, copies of 2600 are sold at most large retail bookstores.
• The Chaos Communication Congress, the annual European hacker conference organized by the Chaos Computer Club, is held in Hamburg, Germany.
• William Gibson's groundbreaking science fiction novel Neuromancer, about "Case", a futuristic computer hacker, is published. Considered the first major cyberpunk novel, it brought into hacker jargon such terms as "cyberspace", "the matrix", "simstim", and "ICE".

  1985

• KILOBAUD is re-organized into The P.H.I.R.M. and begins sysopping hundreds of BBSs throughout the United States, Canada, and Europe.
• The online 'zine Phrack is established.
• The Hacker's Handbook is published in the UK.
• The FBI, Secret Service, Middlesex County NJ Prosecutor's Office and various local law enforcement agencies execute seven search warrants concurrently across New Jersey on July 12, 1985, seizing equipment from BBS operators and users alike for "complicity in computer theft", under a newly passed, and yet untested criminal statute. This is famously known as the Private Sector Bust, or the 2600 BBS Seizure, and implicated the Private Sector BBS sysop, Store Manager, Beowulf, Red Barchetta, The Vampire, the NJ Hack Shack BBS sysop, and the Treasure Chest BBS sysop.

  1986

• After more and more break-ins to government and corporate computers, Congress passes the Computer Fraud and Abuse Act, which makes it a crime to break into computer systems. The law, however, does not cover juveniles.
• Robert Schifreen and Stephen Gold are convicted of accessing the Telecom Gold account belonging to the Duke of Edinburgh under the Forgery and Counterfeiting Act 1981 in the United Kingdom, the first conviction for illegally accessing a computer system. On appeal, the conviction is overturned as hacking is not within the legal definition of forgery.
• Arrest of a hacker who calls himself The Mentor. He published a now-famous treatise shortly after his arrest that came to be known as the Hacker Manifesto in the e-zine Phrack. This still serves as the most famous piece of hacker literature and is frequently used to illustrate the mindset of hackers.
• Astronomer Clifford Stoll plays a pivotal role in tracking down hacker Markus Hess, events later covered in Stoll's 1990 book The Cuckoo's Egg.

  1987

• The Christmas Tree EXEC "worm" causes major disruption to the VNET, BITNET and EARN networks.

  1988

• The Morris Worm. Graduate student Robert T. Morris Jr. of Cornell University launches a worm on the government's ARPAnet. The worm spreads to 6,000 networked computers, clogging government and university systems. Robert Morris is dismissed from Cornell, sentenced to three years' probation, and fined $10,000.
• First National Bank of Chicago is the victim of $70 million computer theft.
• The Computer Emergency Response Team is created by DARPA to address network security.
• The Father Christmas spreads over DECnet networks.

  1989

• Jude Milhon and R. U. Sirius launch MONDO 2000, a major '90s tech-lifestyle magazine, in Berkeley, California.
• The politically motivated WANK worm spreads over DECnet.
• Dutch magazine Hack-Tic begins.
• The Cuckoo's Egg by Clifford Stoll is published.
• The detection of AIDS is the first instance of a ransomware detection.