DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

U. of Hawaii and Cornell University hacked by @MarxistAttorney

Posted on January 7, 2015 by Dissent

Add the University of Hawaii  and Cornell University to the universities that have been hacked by @MarxistAttorney.

The U. of Hawaii data dump, which DataBreaches.net is not linking to, does not contain student or employee personal information, but in addition to acquiring the root username/password, “Attorney” also got the mac addresses, service tags, usernames and more of each and every computer/smart board in their University. The dump only contained approximately 2,000 of the 65,000 lines of data he acquired, he tells this site.

DataBreaches.net emailed U. of Hawaii to ask them to confirm or deny the breach and provided them with the vulnerable url that had reportedly been used to access their system. They promptly acknowledged the inquiry and stated they were investigating, but as of the time of this posting, have not replied with any confirmation or denial.

Long-time readers may recall that during 2009 – 2011, the University of Hawaii had a number of data breaches that resulted in a critical report from Liberty Coalition and a class action lawsuit that was settled in 2012.

Cornell University also appears to have been hacked by @MarxistAttorney. That data dump includes non-sensitive employee contact information (names, work e-mails and phone numbers), as well as what appears to be information on the university’s utilities accounts information (power, heating, gas, etc.) Cornell did not respond to an inquiry by this site as of the time of this posting.

In an interview this week, DataBreaches.net asked @MarxistAttorney about his motivation for hacking universities. While his earlier comments referred to hacking for the “lulz” and to undermine IT departments, he also notes that he hacks to protest:

I am a University student myself, and I am already knee-high in debt. You shouldn’t be forced to pay crazy high tuition fees just because you want to pursue an education and not work at some shit shack like McDonald’s. I can see myself spending half my life after graduating just paying off loans and I don’t want that for myself or anyone else. This is my way of protesting. I hope that by dumping the data of this University, and the various other ones I have done in the past, that they will consider lowering the tuition fees, or making it free to attend university, so students don’t need to suffer like me and millions of others have. Not to mention, this is a University we are talking about here, the fact that they can’t audit their own site and fix sqli vulnerabilities shows how disappointing the monkeys for IT Teams they have.

“Attorney” says that most of his hacks, like these two, exploit SQLi vulnerabilities. In the U. of Hawaii case, the vulnerability has already been patched, Attorney tells this site, but the damage was already done.

Related posts:

  • Forbes Breach Email Statistics
  • Will Beacon Health Solutions’ incident prompt OCR to start enforcing notification “without undue delay?”
  • TeamGhostShell posts “master list” of 548 leaks (so far)
  • @MarxistAttorney tweet suggests he’s been arrested (corrected and updated)
Category: Breach IncidentsEducation SectorHackU.S.

Post navigation

← UK: North East school website hacked
Zappos settles charges with nine states over data breach →

4 thoughts on “U. of Hawaii and Cornell University hacked by @MarxistAttorney”

  1. rogue says:
    January 7, 2015 at 1:47 pm

    MY NIGGA ATTORNEY PUTTIN IN THAT WORK

  2. Not Relevant says:
    January 8, 2015 at 4:33 am

    Unfortunately Mr ‘MarxistAttorney’ is not smart enough to twig that he will go to jail for this. So his student loan issue is becoming quickly irrelevant. Protest he may, but it is like urinating on a hot stone. It won’t change anything and only get you a criminal record. Well done man!

  3. funny says:
    January 9, 2015 at 8:35 am

    “MarxistAttorney”, you do realize that it takes millions of dollars every year for a university to be able to offer you the education that enabled your attacks? Without tuition there would be no way to operate, other than receive state and federal funding which has been dramatically reduced in the wake of the financial crisis. Your attacks are mis-placed and the irony of your logic is laughable.

  4. Attorney says:
    January 10, 2015 at 7:49 pm

    @Not Relevant
    You’re moronic, I will never get caught.

    @Funny
    You realize that EDU Facilities DO NOT pay taxes. Not to mention schools get by fine with Federal & Provincial funding, not to mention the amount of donations Universities receive. Before you say something, make sure you think it through.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
  • France issues press statement about arrest of ShinyHunters members
  • Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions
  • NY Attorney General James Affirms Hospitals Must Provide Access to Emergency Abortion Care
  • How Internet of Things devices affect your privacy – even when they’re not yours

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.