There’s someone else I need to follow, as he/they seems to be hacking a number of universities and colleges.
In a post on Pastebin yesterday, @MarxistAttorney (web site) claimed a number of hacks, including,
California State University, University of Kentucky, University of Connecticut, University of Maryland, Coastal Carolina University, and Abertay University.
For each entity, there is a data dump for proof of claim; other data dumps are linked from his web site. DataBreaches.net is not linking to the individual data dumps, but has reached out to each of the universities mentioned above to ask them if they will confirm or deny that they have been hacked and that those are their data. The University of Kentucky has already acknowledged our inquiry and states that they are investigating the claimed hack.
This post will be updated as more information or responses become available, but in a quick attempt to verify the claims, DataBreaches.net found that one of the data dumps that had been labeled California State University had originally been posted elsewhere as a hack of the San Diego Zoo with attribution to “Paw Security(@PawSecReturns) #Op4Pawz.”
Google searches of strings in some other dumps did not locate any duplicates or previous postings.
Does “Attorney” have a gripe against U. of Maryland that contributed to it being targeted? Perhaps, as this tweet suggests:
You should’ve accepted me into your university #Carbonic http://t.co/V7Fga9bN5E@UofMaryland
— Carbonic (@teamcarbonic) December 10, 2014
Attorney has not yet responded to an inquiry sent by this site asking him why he is targeting universities in general and these universities in particular.
Update: In response to this site’s inquiry, “Attorney” emailed the following statement and posted a copy of it on Pastebin:
Greetz to @TeamCarbonic.
In response to this – http://www.databreaches.net/universities-hacked-data-dumped-by-marxistattorney/?utm_medium=twitter&utm_campaign=fk7h35y573m&utm_source=twitterfeed
I targeted universities for the sole pleasure of the “lulz” that came out of this. It is true, I have thousands upon thousands of logins, employee ids, and various other sensitive information regarding the universities. What I intend to do with this data is publicize it to undermine the idiots at the IT Team.
Regards,
Attorney
Apart from an initial response from U. of Kentucky saying that they were looking into things, DataBreaches.net has received no responses yet to the inquiries it sent to the universities asking them to confirm or deny they were hacked.
This might be a good time to remind everyone that no federal agency has really taken any point or serious interest in investigating data breaches in the education sector. The FTC claims it does not have authority over non-profits under Section 5 of the FTC Act. They have not responded substantively to this blogger’s analysis and EPIC’s analysis that the FTC does have authority under the Safeguards Rule if financial information is involved.
Update 2: A spokesperson for Abertay University responded to the inquiries from DataBreaches.net with the following statement:
The data to which you refer appears to have been hacked from a satellite site – www.daretobedigital.co.uk – which was set up to promote an annual computer games design competition which we run. While it carries the University’s branding, it is separate from the University’s main site – www.abertay.ac.uk – and is hosted on commercial servers, not the
University’s own servers. We are investigating the hack in conjunction with the commercial hosting company.
Update 3: On January 8, four days after notification, the U. of Maryland responded: “We take these matters seriously and are investigating the matter.
Update 4: This post did not mention Fordham University as an entity hacked by @MarxistAttorney, yet a representative from Fordham U. submitted a statement from the university in the Comments section below, presumably because #TeamCarbonic’s listing of universities on their web site includes Fordham.
Higher Ed has always been a porous pitcher to carry secure or private information … combine ad-hoc networking that grows like Kudzu; a community of scholars that can’t be bothered with mundane security; community of students (ever-changing) that is so natively digital that typical security hinders them only slightly (evidence the 7th graders in Alaska who staged a full scale faculty phishing exercise, leading to taking over the servers and then, via RAT, student laptop cameras and mics). But the most egregious gap occurs at quarterly board meetings, when governance of IT is given little or no shrift, compared to advancement and athletics.
A HIPAA-like law is called for in education … FERPA’s protection being so limited in scope.
FORDHAM UNIVERSITY STATEMENT
SATURDAY, JANUARY 10, 2015–Fordham University user information has not been compromised. The claim posted by @MarxistAttorney and Team Carbonic is recycled from 2010 (and again in 2014), and erroneously attributed data, ostensibly stolen from http://www.kaplanfinancial.com, to Fordham University. The actual content did not contain Fordham usernames nor passwords in 2010/2014, and still does not. Fordham values and vigorously defends the protection of its community’s Personally Identifiable Information (PII). The University will continue to monitor events surrounding this alleged breach.
IN RESPONSE TO FORDHAM UNIVERSITY:
I have never claimed to hack Fordham University, nor has Team Carbonic. You are pulling accusations out of your ass.
Listed on your “dumps” page of your web site (until some time today) was “http://www.fordham.edu – Student Login Dump” with a link to http://yourattorney.nl/dumps/ford.txt.
In response to Dissent;
We simply mirrored the page on our site, we did not claim credit for hacking it (take a look at our twitter timeline or my personal twitter timeline for that matter). Keep in mind at the top of the web page it says in clear text “The web master hall of shame”, although we do mention it contains our personal dumps, we also include the dumps of various other individuals that don’t have a place to keep it.We removed it today to remove confusion from idiots such as Bob Howe.
@attorney
you’re a jackass attorney. GrowTFU and accept the fact that we rejected your admission request for the LULZ! We see through your childishness and you just don’t fit in with the status of the human race. There are many other planets to choose from, might I suggest you move to Uranus! now go away little girly man.
and from this point on, watch your back!