DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Hacker may have sold access to Marshall U. website

Posted on January 26, 2011 by Dissent

Yesterday, I noted that I had contacted Marshall University about a hacker offering “Full SiteAdmin Control” to their server for $99.00.

My purpose in contacting them was two-fold: to alert them to a possible breach that they needed to look into and to ask for a comment or response. I never got to the second purpose, as a Marshall employee told me that they had dealt with the problem “yesterday,” that there was no breach, and that I shouldn’t be reporting anything alleging that they had been breached. She took my phone number and email address and promised to have someone get in touch with me with a fuller response. No one called. No one emailed.

Today, Zack Harold reports:

An underground hacker website recently offered visitors high-level access to Marshall University’s website for just $99.

Officials at Marshall said the cyber criminal might not have infiltrated their systems, however.

The hacker, identified only as “Srblche,” was selling administrative access to the university’s website for $99 on Monday. The site was no longer active Wednesday.

Matt Turner, Marshall’s chief of staff, said the university became aware of the alleged security breach Monday and immediately began checking its systems to determine if a breach occurred.

The school’s technology team didn’t find any evidence of an attack.

“As far as we know, our security has not been compromised as suggested, but with Web servers, there is always an inherent risk of hackers,” Turner said. “Any time you have a server that exists, it’s always susceptible to someone trying to hack into it.”

“We think it’s someone phishing, trying to make some money,” he said.

Bill Gardner, IT manager for Charleston’s Flaherty, Sensabuagh, Bonnasso Law Firm, said that scenario is “possible, but it’s probably not probable.”

“There’s honor among thieves,” he said

Read more on Charleston Daily Mail.

None of the universities named on the “for sale” list have posted any notices on their sites about the situation.  In the interim, the web site has been suspended.  A whois lookup indicates that srblche.com is registered to:

Mohammad Srblche        ([email protected])
Kuwait
Salwa
Salwa
KW,00865
KW
Tel. +965.567636494
Creation Date: 21-Apr-2010
Expiration Date: 21-Apr-2011
Domain servers in listed order:
ns1.suspended-domain.com
ns2.suspended-domain.com
Of course, that information is not necessarily accurate.

Related posts:

  • Who got breached in #ProjectWhiteFox 1.6 million Account leak
Category: Breach IncidentsEducation SectorHackU.S.

Post navigation

← Ca: Three stolen laptops with patient info recovered
NZ: City doctor who breached confidentiality cleared of privacy breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.