What appears to be a combination list from various databases related to the University of Georgia appeared on a public paste site yesterday. Although the University of Georgia has disclosed a number of breaches in the past six years, none of the breaches this site knows about would account for all the data in this dump.
The data, more than 4,800 records, consists of what appears to former and current students’ and staff’s email addresses and passwords, in some cases with usernames and IP addresses. For some records, the passwords are in plain text, while for others, they are encrypted. Some of the records appear to include date of birth, and some of the records appeared to have time stamps. The most recent timestamp was from December, 2015. More than 70 of the records include reference to “funimation,” e.g.:
A Google search for some of the email addresses in the dump was able to identify some of the individuals as alumni of UGA. Others are currently on staff on at UGA. DataBreaches.net is still exploring the dump to try to determine whether any of those in the list are current students. Email inquiries sent to several possible current students did not produce responses, but did not bounce back, either.
DataBreaches.net contacted UGA via email and then phone yesterday, and although their IT helpdesk said they were forwarding the message up the chain immediately last night, DataBreaches.net did not get any response from either the press office or the CISO. A second email to the press office today was also unanswered.
As of the time of this posting, the dump is still publicly available, and it has been viewed more than 125 times.
If UGA responds to the notifications, this post will be updated. It is important to emphasize that it is not clear whether their system was breached, or if this dump represents a culled list of data from other leaks or hacks.
If you are a current employee or student at the University of Georgia, you might want to err on the side of caution and change your password.