GhostShell targets personal data at top-rated colleges

Share this article:

Team GhostShell, an Anonymous-related hacktivist collective, is at it again, this time targeting the top-rated universities domestically and internationally.

The group claims it hacked the servers of a laundry list of prestigious institutions, including Princeton, Harvard and Johns Hopkins universities, exposing, at the minimum, the email addresses, passwords, IDs and names of students and faculty.

On Monday, GhostShell posted information from more than 120,000 accounts and records gathered from servers at 100 universities.

Calling the incident part of the “Project West Wind” campaign, group leader “DeadMellox” tweeted about the dump the same day, linking to a document posted on Pastebin.

In late August, GhostShell claimed responsibility for a leak involving one million user accounts, stolen from around 100 websites for government agencies, banks, consulting firms and other institutions. The group also is connected to a breach in May affecting the University of Maine's Orono campus, where the personal data of nearly 4,000 people was compromised after Social Security and credit card numbers were accessed by hackers.

In the Pastebin message, GhostShell said that the recent attacks were launched to bring attention to various grievances the group holds toward the educational systems in the United States, Europe and Asia. The hackers cited growing tuition fees, frequently changing laws and heavily regulated teaching.

Perhaps telling of the vulnerability of the academic landscape, the group said it discovered that many of the targeted college's servers already had been  infected with malware.

A spokesperson from University of Michigan, which had seven servers listed as having been hacked, did not immediately respond on Monday to a request for comment from

A spokesman at New York University, where two servers may have been made accessed by hackers, told on Monday that the school's IT department had been contacted about the matter. A spokesman at Johns Hopkins University also confirmed that IT staff was looking into allegations that five servers were infected. also reached out to the U.S. Department of Education for comment, which has yet to respond.

Share this article:

Sign up to our newsletters

More in News

Incapsula mitigates multi-vector DDoS attack lasting longer than a month

Incapsula mitigates multi-vector DDoS attack lasting longer than ...

Incapsula's scrubbing servers were able to filter out more than 50 petabits of malicious DDoS traffic aimed at a video game company for longer than a month.

UPS announces breach impacting 51 U.S. locations

The shipping and printing provider said malware has been present on some stores' computer systems since mid-January.

'Machete' espionage campaign targets orgs in Venezuela, Ecuador

The campaign targets Spanish speaking victims, which also appears to be the native language of attackers.