Israeli researchers discovered that the database of the University of Liverpool had been hacked and the contact details of everyone working and teaching there was posted on a dark web forum. The information posted on the dark net domain is being promoted to launch targeted phishing attacks.
According to security firm Cyberint, the name, address and work email addresses of the workers and teachers were posted on the dark web forum by a Portuguese-speaking hacker or group known as [email protected] in early February. The data remained publicly available on the website.
The attacked institute was informed of the hack some weeks ago by Cyberint and after that, the university contacted Merseyside Police about the case. The university released a statement, clearing the fact that although the contact details were taken from a database, the case that it is considered a public domain meant that this was not equivalent to a data breach. The official statement goes by:
“We detected an automated cyber-attack on one of our departmental online booking systems, which resulted in publicly available data – surname, email, and business telephone numbers – being released on the internet. We take the security of all university-related data very seriously and routinely