Sometimes They Come Back: Team GhostShell Leaks 120K Records from Top 100 Universities

This summer, when Team GhostShell released one million accounts as part of their Project HellFire campaign, I was particularly impressed by one sentence contained in the pastebin statement which accompanied the release.

One million accounts/records leaked. We are also letting everyone know that more releases, collaborations with Anonymous and other, plus two more projects are still scheduled for this fall and winter. It’s only the beginning.

I was wondering what else the hacking collective had in mind, and unfortunately I did not have to wait too long for the answer. As promised, at the beginning for this fall Team GhostShell returned with a new campaign called “ProjectWestWind”, aimed at “raising awareness towards the changes made in today’s education, how new laws imposed by politicians affect us, our economy and overall, our way of life”.

Their interpretation of their concept of “raising awareness” is a little bit complicated since, in order to raise awareness they hacked top 100 International Universities and leaked more than 120,000 accounts (leaving in their servers hundreds of thousands more). The list includes Harvard, John Hopkins, the University of Michigan, Tokyo University, New York University, Princeton and the University of Rome and leaked data contains email addresses, hashed passwords, IDs and names of students and faculty members.

It worth to mention that they claimed to have found a lot of servers infected with malware, and some other storing credit card information.

There is not so much to comment. I would prefer to limit myself to the Italian situation: when dealing with the quality of infrastructures, Italian Universities rank inevitably at the bottom of every possible chart, when dealing with being hacked, they rank inevitably at the top…