600,000 Cambridge and Oxford University Email Addresses Discovered on the Dark Web
A cybersecurity firm has found approximately 600,000 email addresses associated with the University of Oxford and the University of Cambridge on the dark web. The investigation, conducted by the cybersecurity company RepKnight, uncovered over 600,000 email addresses linked to the two universities, with about 400,000 belonging to Cambridge.
Previously, there was a trend on the dark web involving the sale of so-called grade sheets, which could allegedly be used to obtain a university diploma. However, it remains unclear how legitimate these documents are or whether they can actually serve as proof of education from these institutions. (Editor’s note: This is highly questionable, but such products were indeed popular.) This trend has now evolved into the sale of email accounts.
For reference, a report by the Digital Citizens Alliance last year found up to 14 million email addresses from 300 U.S. universities being offered for sale on the dark web.
Emails from educational institutions pose a significant cybersecurity threat, as they can be used to launch widespread phishing campaigns or spread misinformation about the universities. Such emails are generally trusted more, giving scammers a considerable advantage.
Research Findings
According to RepKnight’s report, the study was based on lists of email addresses from each college, department, and administrative office at the associated universities. Researchers used a dark web monitoring tool called BreachAlert.
The study revealed that more than half of the “Oxford diplomas” for sale were linked to specific colleges, while 97% of “Cambridge diplomas” were offered by university staff or faculty. Further analysis of 24 leading UK universities uncovered nearly 5 million diplomas for sale, as well as 600,000 email addresses belonging to students, staff, and others involved in the educational process.
Why Is This Dangerous?
Educational institutions collect a significant amount of data on students, and if this data is compromised, it can be sold for profit on the dark web. Most universities have notable gaps in their information security, as access to university information is typically made as easy as possible for students. This leads to various vulnerabilities and, ultimately, data leaks.
How Can These Data Leaks Be Prevented?
According to a report by Gemalto, a digital technology and cybersecurity firm, there were 918 incidents in the first half of 2017 that resulted in 1.9 billion compromised data records.
Data theft is the most common cybercrime, accounting for about 70-75% of all online crimes. The education sector is seeing a rise in potential vulnerabilities (+103% per year) and a 4,000% increase in compromised data. This indicates that criminals are well aware of the weak points in university cybersecurity and are actively exploiting them.
So, what measures should higher education institutions take to prevent this?
- Implement systems that require more than just a username and password to log in (for example, a passphrase, a code sent via SMS, etc.).
- The system should use data about the location, time, and device used for login attempts to decide whether to allow or deny access.
- Students often share passwords, which can create new vulnerabilities. Therefore:
  - The system should prevent simultaneous logins, limiting each student to one session at a time. This helps prevent an attacker from logging in at the same time as the legitimate student. In case of violations, students can be held accountable by checking their login history.
  - Another approach is to restrict what student credentials can access. Students should only be allowed access to certain levels of the network, meaning they have limited access to sensitive information. This helps secure the network by giving institutions greater control.
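The login rules listed above (a second factor, a decision based on location, time and device, and one session per student with a reviewable login history), as an added example that is not part of the original article. The class and function names, the sample values, and the rule of tolerating at most one unfamiliar context signal are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime

@dataclass
class Account:
    known_devices: set
    usual_countries: set
    active_session: str = ""   # device holding the one permitted session
    history: list = field(default_factory=list)   # login history for later review

@dataclass
class Attempt:
    password_ok: bool
    second_factor_ok: bool   # e.g. SMS code verified
    country: str
    device_id: str
    when: datetime

def decide(account, attempt, usual_hours=range(6, 24), max_unusual=1):
    """Return ('allow' or 'deny', reasons) and log the attempt."""
    reasons = []
    if not attempt.password_ok:
        reasons.append("wrong password")
    elif not attempt.second_factor_ok:
        reasons.append("second factor missing or wrong")
    elif account.active_session:
        reasons.append("another session is already active")
    else:
        # Assumed policy: tolerate at most max_unusual unfamiliar context signals.
        unusual = [name for name, odd in (
            ("unusual location", attempt.country not in account.usual_countries),
            ("unknown device", attempt.device_id not in account.known_devices),
            ("unusual time", attempt.when.hour not in usual_hours)) if odd]
        if len(unusual) > max_unusual:
            reasons = unusual
    decision = "deny" if reasons else "allow"
    if decision == "allow":
        account.active_session = attempt.device_id
    account.history.append((attempt.when, attempt.device_id, decision, reasons))
    return decision, reasons

def demo():
    # Constructed sample data, not taken from the article.
    acct, t = Account({"laptop-1"}, {"GB"}), datetime(2024, 1, 15, 10, 0)
    out = [decide(acct, Attempt(True, False, "GB", "laptop-1", t)),  # no second factor
           decide(acct, Attempt(True, True, "GB", "laptop-1", t)),   # normal login
           decide(acct, Attempt(True, True, "GB", "phone-9", t))]    # second simultaneous login
    acct.active_session = ""                                         # student logs out
    out.append(decide(acct, Attempt(True, True, "BR", "pc-x", t.replace(hour=3))))
    return [d for d, _ in out], acct.history
```

Every attempt, allowed or denied, lands in `history`, which is the record an administrator would check when a shared or stolen password is suspected.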
Conclusion
Additionally, educational institutions should have appropriate software and tools to monitor network traffic, which can help detect malicious activity. Traffic should be scanned regularly, and the use of unauthorized software on university computers should be prohibited.
The human factor also plays a significant role in data leaks, so everyone involved must be especially careful to avoid intentionally or unintentionally disclosing confidential information.
The dark web will always provide marketplaces where cybercriminals can buy and sell credentials. Everyone should check to make sure their passport, ID card, or other personal information isn’t being sold there.