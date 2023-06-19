



Security researchers found 2.2 million leaked credentials linked to the UK’s top 100 universities available on the dark web, putting employees, students and their data at risk.

Crossword Cybersecurity’s Trillion risk monitoring service found credentials, claiming more than half (54%) of them belonged to elite Russel Group institutions.

According to the latest figures, there were almost 2.2 million students studying at UK higher education institutions in 2021/22, including 680,000 international students and a further 234,000 staff.

We don’t have information on how many of the affected individuals are still in college, but the size of the finding is potentially significant.

Crossword Cybersecurity highlighted the potential risk to sensitive research if a threat actor can access user accounts with compromised credentials. It said more than half (54%) of leaked credentials came from British universities with research facilities, potentially putting government-funded programs in areas like nuclear power and defense at risk.

Crossword states that “UK universities and research facilities are among the most respected in the world, and protecting their reputation is by implementing effective cybersecurity practices to protect students, staff and the information shared by the public and private sectors for research projects. includes,” claimed Crossword. Cyber ​​Security Executive Director Stuart Jubb.

“We know that these environments represent some of the most unique challenges to protect because of their overlapping requirements for confidentiality and openness, so there are many attack vectors to consider. We are committed to preemptive monitoring of stolen credentials and multi-factor authentication requirements in cybersecurity practices of all organizations, not just the education sector.”

In theory, threat actors may not just be looking for university credentials, keeping an eye on unpublished research. They can steal sensitive personally identifiable information (PII) from staff and students, or attempt phishing or identity fraud.

The report found that the UK’s top 30 universities are up to 50% more likely to have credentials breached than any other institution in the top 100, with universities in London having more login breaches (506,330) than universities in Scotland, Wales and Northern Ireland. found that I have Combined (465,767).

