In a July 30 blog post, Tor confirmed that several entry nodes may have been run by a nefarious party attempting to identify Tor users, and they appear to have been successful.
Tor is an anonymous web browser that, along with several bundled programs, helps users anonymize their internet traffic. It does this by sending the traffic through the Tor network which operates using nodes. Users pass their encrypted data to an entry node, which adds it to a group of other users’ data and passes it along to intermediary nodes until it gets to the exit node. The exit node decrypts the data and sends it out to the regular internet. This way, the entry node will theoretically know who the users are but not what they are looking at, while the exit node could theoretically see the content being looked at but not who looked at it.
Source and Full Story Here: http://cointelegraph.com/news/112192/tor-confirms-attack-may-have-deanonymized-users