َُِ
@O0XMED
Soc Analyst | DFIR | eCIR | eCDFP | FCA



Now the hackers who are breaching Egyptian websites have written my name on one of the sites they breach! And why? Because I write "alleged breach" instead of "breached". Guys, I'm not sitting with the ministry at the server to know whether it's a real breach or not, and I'm not going to download stolen data either.

🇪🇬 A threat actor is advertising an alleged leak involving Cairo University and Galala University, claiming exposure of student PII, student images, and related academic documents totaling approximately 10GB.

According to the underground listing, the alleged dataset includes:
• student identifiers
• national ID references
• student photos/images
• academic records
• guardian information
• admission-related data
• contact information
• email addresses
• birth dates
• passwords
• enrollment metadata
• uploaded student documents

The post references:
• “5k student images + docs”
• structured student database columns
• university-related student management information
• guardian and family-linked records

The visible sample fields appear to include:
• student_code
• birth_date
• student_national_id
• student_email
• guardian_name
• guardian_phone
• guardian_email
• admission_status
• study_type
• student_phone

If authentic, this type of exposure could create severe privacy and identity-security risks for students and families.

Educational institutions remain attractive targets because they often store:
• large volumes of PII
• identity documentation
• financial records
• academic credentials
• biometric-style imagery
• family/guardian data
• internal administrative documents

The inclusion of:
• student images
• national identifiers
• guardian relationships
• contact information

substantially increases the risk of:
• identity theft
• account fraud
• social engineering
• impersonation attacks
• scholarship/payment fraud
• credential attacks
• phishing campaigns targeting students and parents

Particular concern exists when educational datasets contain:
• student documents
• uploaded identity files
• passwords or password hashes
• academic records
• enrollment systems data

Threat actors frequently weaponize education-sector data for:
• credential stuffing
• fraud operations
• SIM swap targeting
• fake admissions scams
• extortion
• phishing infrastructure development

At this time:
• the authenticity of the alleged dataset has NOT been independently verified
• the source of the compromise remains unclear
• no official confirmation from the universities has been observed
• the exact number of affected individuals is unknown

The listing also reflects a broader trend: universities and educational institutions continue to face increasing cyber threats due to:
• decentralized IT environments
• large user populations
• third-party academic systems
• weak identity-management practices
• extensive document storage

Educational organizations should immediately:
• audit exposed student-management systems
• review authentication logs
• rotate administrative credentials
• enforce MFA
• monitor underground repost activity
• inspect cloud storage permissions
• review document-upload infrastructure

Students and guardians should remain alert for:
• phishing emails impersonating universities
• fake tuition/payment requests
• fraudulent scholarship communications
• suspicious account-reset attempts
• identity misuse involving academic records

DDW is continuing to monitor:
• potential reposts or mirrors of the alleged dataset
• validation attempts by underground actors
• follow-on phishing campaigns
• additional education-sector targeting activity

#CyberSecurity #ThreatIntelligence #EducationSecurity #DataBreach #PII #UniversitySecurity #DarkWeb #CyberCrime #Egypt #DDW #Intelligence



















