Criminal marketplaces are selling university login credentials online, FBI warns


This audio is auto-generated. Please let us know if you have feedback.

Dive Brief: 

  • The FBI has found college and university login credentials listed for sale on public forums and online criminal marketplaces, it informed higher ed institutions late last week. 
  • The exposure of this information could lead to future cyberattacks against individuals and organizations, the FBI warned. For instance, cybercriminals can use the information to attempt to log in across various internet sites, taking advantage of users who recycle the same login credentials. 
  • The FBI recommends higher education institutions review and update their plans to respond to a cyberattack. They should also continuously update operating systems and software, train students and faculty to recognize phishing attempts, and require strong and unique passwords for all accounts. 

Dive Insight: 

Cyberattacks have been a growing problem at colleges and universities, which house sensitive data and may not always prioritize implementing the latest cybersecurity improvements. In recent years, colleges that have fallen victim to cyberattacks have paid hundreds of thousands of dollars to regain access to hijacked servers or have had to cancel classes for days as they attempted to bring operations back online. Some have even faced lawsuits over data breaches

The FBI said in a May 26 notification that it has discovered several incidents where stolen higher education credentials were advertised. In January, Russian cybercriminal forums listed network credentials to U.S. colleges for sale and even uploaded screenshots for some as proof of access. The credentials were listed for up to several thousand dollars, according to the FBI. 

Similarly, in May 2021, the FBI discovered that more than 36,000 email and password combinations for accounts ending in .edu were available on a public instant messaging platform. And in late 2020, a seller on the dark web listed about 2,000 unique usernames and passwords for higher education accounts. 

If attackers purchase the login information and successfully breach user accounts, they may try to drain them of stored value, sell credit card numbers, sell personal information or engage in fraudulent transactions. 

The FBI recommends that colleges take several measures to ward off such attacks. One of the most efficient is regularly checking for software updates and prioritizing installation of patches to address known vulnerabilities. Colleges can also implement training programs to help students and employees understand the risks of clicking on suspicious links or email attachments. And institutions should require multifactor authentication, especially for accounts that access critical systems or email. 

In addition, the agency called out the importance of network segmentation, a security effort that divides a computer network into smaller parts. This helps prevent ransomware attacks that can easily bring an entire network down. 

Meanwhile, cyberattacks against colleges have continued in recent months. 

Attacks against at least two colleges disrupted the final days of their spring terms. At one, Kellogg Community College in Michigan, an attack forced the institution to close all five of its campuses and cancel classes. At another, Austin Peay State University in Tennessee, administrators canceled a day of final exams due to a cyber incident.


Please enter your comment!
Please enter your name here