05:22 AM
Tim Wilson
Tim Wilson
Quick Hits
Connect Directly
Repost This

Team GhostShell Exposes 120,000 Records From Universities

Calculated attacks turn up hundreds of thousands of vulnerable records at 100 universities across the globe, hacker group says

The hacktivist group TeamGhostShell says it has embarked on a new campaign to expose data and vulnerabilities at 100 of the top universities around the world.

In a posting on Pastebin Monday, TeamGhostShell released some 120,000 records from universities such as Oxford and Harvard. The campaign, which the group has dubbed "Project WestWind," has revealed vulnerabilities in university systems that could put hundreds of thousands more records at risk, the group says.

"After carefully filtering the [university servers] that we've already leaked before and the ones where Anonymous has in major operations, we have eventually got together a new fresh list," the posting says. "The majority of them should be here. Also, some of us decided to go ahead and add vulnerable links to the other ones anyway, which you can find at the bottom, at 'Other Universities.'

"We tried to keep the leaked information to a minimum, so just around 120,000+ accounts and records are here, leaving in their servers hundreds of thousands more," the group states. "When we got there, we found out that a lot of them have malware injected. No surprise there, since some have credit card information stored."

The group says its goal is to raise awareness of problems in the modern education system. The posting does not discuss how the data was obtained or how much data the group was able to expose.

Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Tim Wilson is Editor in Chief and co-founder of Dark, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
10/5/2012 | 3:24:03 AM
re: Team GhostShell Exposes 120,000 Records From Universities
Universities have traditionally had a
very open attitude towards information. They also have a ton of
personal data and their security departments are understaffed. All
of that makes them a prime target for hackers.

Matthew Cohen
User Rank: Apprentice
10/3/2012 | 2:09:24 PM
re: Team GhostShell Exposes 120,000 Records From Universities
Identity Finder analyzed the data breach and found:
-á* 36,623 Unique Email Addresses-á* 1 Bank Account Number-á* No credit card information-á* No social security numbers-á* Tens of Thousands of student, faculty, and staff names-á* Thousands of Usernames, Hashed and Plain-Text Passwords-á* Thousands of Addresses and Phone Numbers-á* Several Dates of Birth, Citizenship, Ethnicity, Marital Status, and Gender Information-á* Payroll Information, Employee IDs-á* Database Schema Information

Register for Dark Reading Newsletters
White Papers
Current Issue
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web