GhostShell university hack: By the numbers

Summary:Yesterday, hacktivist group GhostShell claimed to have breached 100 top university servers, releasing 120,000 records. But how much information was sensitive?

Records stolen from university databases including the University of Michigan, New York University, Princeton and Harvard were made publicly available yesterday, after hacker group leader 'DeadMellox' tweeted a link to the release posted on Pastebin.

ml4y5q5k56eq0wsvxwdereasonablysmall

The group claimed to have released just a fraction of what they managed to obtain in campaign "Project WestWind", but it still apparently amounted to 120,000 sets of data.

Identity finder analyzed the SQL breach, and found that the 120,000 records -- now available publicly in a number of cyberlockers and mirror sites -- appear to be "authentic enough" to warrant university investigation.

The data analysis discovered that 36,623 unique email addresses and tens of thousands of student, faculty, staff names were disclosed.

In addition, thousands of usernames, hashed and plain-text passwords, addresses, phone numbers and database schema information can be found within the releases.

Sensitive information including dates of birth, citizenship, ethnicity, marital status and gender is also included. Luckily for the universities, only one bank account number could be found -- and no credit card information or social security numbers were contained within the release.

"Based upon a casual sampling of time stamps in the data set, it appears that the hackers spent at least four months aggregating the information prior to release," explained Aaron Titus, Chief Privacy Officer for Identity Finder. "Although the hackers claim to have posted 120,000 accounts, Identity Finder could only confirm around 40,000 accounts exposed. 40,000 accounts is still a large number, and it is possible that the hackers had access to far more."

GhostShell has cited tuition fees, political agendas, tough teaching regulations and job uncertainty for graduates as reasons for the campaign.

Topics: Security

About

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charli... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.