The personal data of thousands of Israeli university students, including IDs, bank account details, phone numbers, IDF documents, email addresses, and test results, was uploaded to the darknet by a group of Iranian-linked hackers.
Cybersecurity expert Lior Ben-David said the incident was one of the most serious he had ever encountered, adding that the stolen sensitive data was linked to identity theft and students' social media accounts. He pointed out that this could lead to a takeover.
2 View gallery
Iranian hackers attack Israeli networks and systems
(Photo: Shutterstock)
The breach originates from a system used by most universities in Israel and was reported by Ben-David in July 2023. Despite warnings, many universities failed to patch the vulnerabilities, leaving their data at risk.
An Iranian group claims to have released approximately 120 gigabytes of data from Sapir University. Their Telegram posts also claim the theft of information from other institutions such as Saknin University and the Beit Shemesh police academy, including videos showing systems being hacked. . Additionally, she distributed a video featuring her CEO of a cybersecurity company and her family at the event.
According to MalamTeam, which owns the compromised system, they updated their system to a version that blocked the breach two years ago, but many universities failed to do the same.
“This is an older version that has not been supported for two years,” the company said. “The migration of all universities to the new portal has already been completed. We would like to thank Lior Ben-David for raising the issue with CyberArray about six months ago. This issue has been addressed by the university. ”
2 View gallery
Hacker uploads personal information of thousands of students
(Photo: Shutterstock)
The Malam team initially tried to distance themselves from the incident, but later acknowledged the university's surveillance. The incident has troubled the National Cyber Security Agency, which is concerned about the increasing number of cyberattacks due to the activity of malicious actors targeting Israeli networks. Some attacks focused on data theft, while others attacked and corrupted his website.
Although it is difficult to determine the extent of a cyber breach in university systems, students are advised to closely monitor their bank accounts and other remotely accessed applications. Students working in the security forces must be careful as their information can be misused by malicious parties.
“4,000 student ID cards were released along with the Malam team CEO's email. Data from other universities will be released later,” Ben-David said.
