Samples of data purportedly sourced from the US Department of Education were found being sold on the dark web.
The origins of this data within the Department remain uncertain, casting doubt on how the cybercriminal obtained it. The relevant authorities are yet to verify the legitimacy of the Department of Education data offered for sale.
At the time of writing, the US Department of Education’s website remained accessible.
An email from The Cyber Express had been sent to the US Department of Education, seeking a statement in relation to the assertion of a cyber attack. In reply, a representative from the department communicated that no compromise to data had occurred.
US Department of Education data on sale
The seller claimed to have a total of 27 million (likely records) from the US Department of Education database. They claimed that they were in possession of the following information:
- IDs
- Usernames
- Mobile numbers
- Level IDs
- Consumer IDs
- Type
- Feedback
- Subject IDs
- Tokens
- Other meta data
Seller posts samples of the US Department of Education
There are several instances of individuals posting about data sales on the dark web, which may not be authentic and instead be a maneuver to make money from other dark web buyers.
The seller posted about the US Education Department data sale and wrote, “I am currently selling an entire database belonging to the US Department of Education.”
Threat Intelligence platform Falcon Feeds tweeted the above-blurred screenshot of the data sale post from the suspected Department of Education cyber attack.
The seller posted samples of data from the US Department of Education on the dark web. The samples included –
- Mobile numbers and user IDs
- Full data set
US school data breaches and the sale of data from Department of Education
Failed negotiations between attackers and organizations often lead to data leaks on the dark web. After the MOVEit cyber attack, several US schools came forward to confirm the breach of their systems.
It is likely that Cl0p released the data from school systems it hacked which was copied by users on the dark web to make money by selling it. The Cl0p ransomware group managed to breach schools, and third-party vendors working with them.
This is expected to expose nearly 17.1 million US students according to an Emsisoft report. However, these are speculations, and the data may be from any other hacking incident or be completely bogus.
Promising Prospects Ahead for Cybersecurity in US Schools
Amidst the data leak posts and the MOVEit mayhem impacting student data, there have been steps taken by the government, cybersecurity organizations, and schools to work towards better cybersecurity.
“The nation’s second-largest K-12 district is kicking off the new school year with a municipal bond offering while it contends with attacks from hackers, a dwindling student body, and soaring labor costs,” read a Bloomberg report.
The report was about the Los Angeles Unified School District (LAUSD) which is on its way to fulfilling its cybersecurity goals among others with a mission to raise nearly $384 million.
The school district aims to use the funds for cybersecurity, school safety, electric busses, and student enrollment among others.
The Biden-Harris administration with its K-12 cybersecurity initiative took a huge step forward to help schools across America to fight the cyber war clouding its education sector.
Not just funding, the school cybersecurity initiative also created avenues for better communication, reporting, and the overall handling of cyber threats between all involved entities.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
