Over 200,000 Students Data Leaked in Cyberattack


The personal information of approximately 280,000 students was leaked last week in a cyberattack that targeted the AcadeME company, which serves a variety of colleges and institutions across Israel. Hundreds of thousands of students use AcadeME to get jobs at thousands of companies. 

On June 20, a pro-Palestinian Malaysian hacker group known as "DragonForce" claimed that it hacked into AcadeME and stated in a Telegram message, "THE LARGEST AND MOST ADVANCED STUDENT AND GRADUATE RECRUITMENT NETWORK IN ISRAEL Hacked By DragonForce Malaysia." 

According to the group, emails, passwords, first and last names, addresses, and even phone numbers of students who were enrolled on AcadeME were leaked. Screenshots of code, server addresses, and a table with email addresses and names were all targeted by DragonForce. 

According to May Brooks-Kempler of the Think Safe Cyber Facebook group, the hackers exposed the information of roughly 280,000 students who have utilized the site since 2014. 

As of Monday morning, the AcadeME site had been pulled offline and was labeled as "unavailable." When attempted to visit the site, a notice stated that the site "should be back soon." 

The hackers wrote on Telegram, "This is an urgent call for all Hackers, Human Right Organizations and Activists all around the world to unite again and start a campaign against Israhell, share what is really going on there, expose their terrorist activity to the world. We will never remain silent against israhell war activity." 

The group claimed later that day that it had leaked a "massive" number of Israeli passports. On Friday, the same organization launched DDoS assaults against Bank of Israel, Bank Leumi, and Mizrahi Tefahot, among other Israeli banks. 

Israel's National Cyber Directorate's Warnings: 

Yigal Unna, the chief of Israel's National Cyber Directorate (INCD), cautioned earlier this year that if necessary precautions are not taken, cyberattacks might cripple Israeli academic institutions. 

The chief of the INCD warned that the wide connectivity between academic institutions and other bodies and organizations could constitute a threat to other bodies and result in liability. The message arrived 11 days after a cyberattack on the Ben-Gurion University of the Negev, which resulted in the compromise of several of the university's servers. 

After the breach was found, a joint team of researchers from the INCD and Ben-Technologies, Gurion's Innovation & Digital Division was formed to avoid data leaks and control the situation. 

Though the perpetrator of the attack is still unknown. 

In 2020, the National Cyber Directorate received over 11,000 inquiries on its 119 hotline, a 30 percent increase over the previous year. About 5,000 requests were made to companies to handle vulnerabilities that exposed them to assaults, and about 1,400 entities were contacted about attempted or successful attacks.