DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Time’s up: SingularityMD sets up to sell data from Jeffco Public Schools

Posted on November 10, 2023 by Dissent

It looks like “SingularityMD,” the hacker(s) of Clark County School District in Nevada and Jeffco Public Schools in Colorado, are looking to start selling the data they exfiltrated.

In an introductory post today on Breach Forums, they write:

We are SingularityMD.

We specialize in low sophistication corporate network infiltration.

We are behind the following hacks

  • https://www.databreaches.net/jeffco-publ…-same-way/
  • https://www.databreaches.net/hackers-esc…il-system/
  • https://www.databreaches.net/exclusive-c…t-comment/

We have access to a lot of organizational data and would like a place to sell it.

We plan to sell the Jeffco data breach dataset and some parts of CCSD which has not previously been leaked.

We have data for additional organizations we will sell over time.

Attempting to sell data on the popular forum is somewhat of a game-changer, as even if they sell data to just one buyer, there is no way to know how many others will buy the data from the original purchaser. The buyer might keep it privately or choose to re-sell it to any number of buyers. Or if there’s no buyer, SingularityMD might just leak the data (give it away freely on the forum).

In communications with DataBreaches tonight, SingularityMD confirmed that was the plan, writing:

With the jeffco data we are attempting to sell it now to the highest bidder on breachforums among others. So it may take longer to appear in the public domain and may actually not be made public. We will likely leak whatever we cannot sell.

SingularityMD also responded to an inquiry from DataBreaches asking whether there are other victims:

We have performed data collection on two districts since, though much smaller 30k students and 80k students. Working to understand if there is a better way to be paid for our efforts – likely by selling to data directly and staying out of the news so much. May not announce future work.

DataBreaches understands that SingularityMD’s willingness to share some details with DataBreaches has led some districts to start requiring 2FA or MFA where they hadn’t required it before, and to begin to address known security issues. DataBreaches has also contacted Infinite Campus about one issue and will update this post if an answer is received, but will not even mention the issue for now so as not to encourage exploitation of it.

But apart from the issue DataBreaches has raised with Infinite Campus and some questions this site has submitted to Google that also await answers, one of the questions DataBreaches put to SingularityMD concerned whether they had ever exploited o365 like they had Google Apps. Their answer:

Yes, there is a specific school district which used their student ID as the email address and the password is the student ID and the student initials.

They did take precaution to prevent the names from showing anywhere with the email address in google apps unless students added to their address book but through o365 we managed to expose the names and have access to all accounts.

Where used, o365 2fa is harder to circumnavigate though.

DataBreaches will continue to follow developments in these breaches.


Related:

  • PowerSchool commits to strengthened breach measures following engagement with the Privacy Commissioner of Canada
  • Two more entities have folded after ransomware attacks
  • British institutions to be banned from paying ransoms to Russian hackers
  • Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
  • Global hack on Microsoft product hits U.S., state agencies, researchers say
  • Michigan ‘ATM jackpotting’: Florida men allegedly forced machines to dispense $107K
Category: Breach IncidentsCommentaries and AnalysesEducation SectorHackOf NoteU.S.

Post navigation

← Butte School District shuts down computer network after system compromised
Australia locks down ports after ‘nationally significant’ cyberattack →

2 thoughts on “Time’s up: SingularityMD sets up to sell data from Jeffco Public Schools”

  1. Anonymous says:
    November 11, 2023 at 12:33 pm

    Jeffco come on… This is going to significantly harm the student population. The lawsuit is going to be the highlight of my year

    1. internet man says:
      November 11, 2023 at 7:00 pm

      It’s time to petition.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders
  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial
  • Wikipedia seeks to shield contributors from UK law targeting online anonymity
  • British government reportedlu set to back down on secret iCloud backdoor after US pressure

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.