Category: Universities

Nowadays, those interested can sieve some of the sensitive to very sensitive information from the dark web and that includes banking and email credentials of individuals and businesses. And according to a report compiled and released by Crossword Cybersecurity, information related to over 2.2 million students and staff from UK’s 100 top universities is now available on the dark web. And concernedly about 54% of the information belongs to 24 leading UK Universities representing Russell Group.

If the figures are dissected further, most of the info belongs to over 2.2 million students studying in UK of which 680,000 belongs to international students and the rest belongs to natives, apart from an additional 234,000 staff members.

When a representative from the company contacted a source on the dark web, the data of 1000 students was available for a purchase just for a meager £30 and sometimes the price might go as low as £6 and might to a high of £80. The price volatility depends on the type of information and the data timeliness.

So, educational institutions should start monitoring their data storage practices and watch for any leaks. Also implementing multi-factor authentication makes sense as protecting PII of staff and students from prying eyes makes complete sense.

Security analysts suggest that hackers are always behind information that can fetch them great monetary benefits and so it cannot be restricted to a specific sector, and can spread to other sec-tors such as manufacturing, automotive, finance and such.

The post Breached credentials of UK top universities available on dark web appeared first on Cybersecurity Insiders.

The Federal Bureau of Investigation, aka FBI, has issued a notification that student credentials from many renowned colleges and universities operating in the US were up for sale on the dark web and some public domains.

According to the report, the data was dumped in January 2022 on a Russian criminal forum and was being sold single digit figure in thousands of US Dollars. While some email IDs ending with. edu were found on a public platform, some credentials, say about 36,000 of email and password combinations, were found being sold for $1200.

It is unclear how many of those published credentials were functioning now. However, the fee offered was reportedly low and so those interested in buying were ready to grab them in a deal without checking for the credibility of the leaked information.

Usually, such credentials are exploited by cyber criminals in credential stuffing campaigns to compromise computer networks of Universities and other educational institutes.

FBI argues that the criminals might have gained the information from ransomware attacks, spear-phishing campaigns, and by using other cyber invasion tactics.

Interestingly, the law enforcement agency is asking the IT heads of such institutes to maintain strong bonding with their local FBI Field Office and is asking them to improve their current cybersecurity posture by taking proactive measures.

It is also asking its users to keep their computer systems updated with the latest software, create awareness among employees about the current threats lurking in the cyber landscape, and training the students and staff in phishing exercises from time to time, along with a habit of implementing strong password hygiene.

 

The post US Universities credentials published on dark web appeared first on Cybersecurity Insiders.