A hacktivist group has claimed to have hacked a laundry list of servers belonging to prestigious universities including Princeton, Harvard and Johns Hopkins, exposing email addresses, passwords, IDs and names of students and faculty.
The group GhostShell posted information from more than 120,000 accounts and records gathered from servers at 100 universities.
Melbourne University was listed as a victim, but the leaked data appeared to be only public staff information. SC has contacted the university to confirm the extent of damage.
In late August, GhostShell claimed responsibility for a leak involving one million user accounts, stolen from around 100 websites for government agencies, banks, consulting firms and other institutions.
The group was also linked to a breach in May affecting the University of Maine, where the personal data of nearly 4000 people was compromised after Social Security and credit card numbers were accessed by hackers.
In the Pastebin message, GhostShell said that the recent attacks were launched to bring attention to various grievances the group holds toward the educational systems in the United States, Europe and Asia.
The hackers cited growing tuition fees, frequently changing laws and heavily regulated teaching.
Perhaps telling of the vulnerability of the academic landscape, the group said it discovered that many of the targeted college's servers already had been infected with malware.
New York and John Hopkins universities were investigating the breaches.
The US Department of Education was contacted for comment.
- With Darren Pauli
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
_page-0001.jpg&w=100&c=1&s=0)
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
