The Digital Citizens Alliance released a report sending shock waves in the education community. Hackers stole over 120,000 university and college email addresses and sold the passwords on darknet marketplaces like Minerva Market.
The most impacted campus was the University of Michigan. Hackers stole over 100,000 emails and passwords. Other Universities:
- The University of Minnesota,
- Michigan State University,
- Ohio State University,
- The University of Illinois.
The hack also affected Universities in Pennsylvania, New York, Texas and California.
“They can go ahead and use these email addresses for numerous purposes,” Brian Dunn explained. “With all this information on their laps, the hackers can gather additional information on the owners, gaining access to their identity” he concluded.
The danger of hacking is clear. Once an email address is in the hands of a hacker, he has your password and additional key information. This can include bank account numbers, credit card statements and even social security details. It may also include passwords for other sites visited on the internet.
This is a new trend for hackers to steal email addresses. The hackers furthermore deceive people on your contact lists. They proceed to send a fake distress email to any of those addresses on your list. If those who receive these emails are not careful, they can respond by giving the information requested.
Hacked emails are easy to spot and you should be educated on the warning signs. There are multiple misspellings in the text and the request is for money or other bank account information. More often than not, the email can no longer be accessed by the owner. Additionally, you can find that you cannot retrieve any of your messages or your contact list is wiped clean.
Emails with .edu addresses suffer the most from this attack with millions of them lost or stolen. These addresses included both those that had been hacked and the ones created by cyber criminals after the hack.
“Most people will open an email with a .edu address because they have confidence that it is safe,” said Dunn. He confirms that once a deceived user opens the emails, the hackers are able to create destructive viruses. Such harmful intrusions include Trojan horses and malware.
The report says that this is not just a worrying trend in education institutions. The ability to access and hack emails is also of concern to national security. Since the government uses college professors to carry out critical research on their behalf, it is also a federal concern.
It is, however, common knowledge that such sensitive data research cannot be carried out on university resources. Still, an email hacker who is interested in such information could go ahead and aim to hack a university. Once they gain access, you can never tell what the criminals will do.
Cybercrime is a serious dilemma for universities, on the smaller scale, but also for the government at large. Cybercriminals continue to target more people and thus the citizens provide pressure upon the government.
“A user can go ahead and ensure that they have cleaned up all their old passwords. Additionally, there is a way to have a good password system,” said the report.
The researchers encourage computer users to store passwords in cyber vaults. Not sharing one’s passwords, or reusing the same password for other sites, will make it harder for the hackers too.
For the universities, the obvious option is to pay more toward the information technology departments. Channeling more funds to this and conducting more research, may result in eradicating the problem completely. To keep such delicate data adequately protected, they need to do this even when the institutions are running on low resources. An advanced security software is always a reasonable investment.