The personal data of thousands of Israeli college students, including IDs, bank account details, phone numbers, IDF documents, email addresses and test results, was uploaded to the darknet by a group of hackers affiliated with Iran.
Read more:
Cybersecurity expert Lior Ben-David describes the incident as one of the most severe he's encountered, noting the stolen sensitive data could lead to identity theft or takeovers of students' social media accounts.
The breach, originating from a system used by most Israeli colleges, was reported by Ben-David in July 2023. Despite the warning, many colleges failed to patch up the vulnerability, thus compromising the data.
The Iranian group alleges to have released approximately 120 gigabytes of data from Sapir College. Their Telegram posts also claim theft of information from other institutions, such as Sakhnin College and the Police Academy in Beit Shemesh, including videos showing the system being hacked. Additionally, they circulated a video featuring the CEO of the cybersecurity company and his family at an event.
According to MalamTeam, which owns the compromised system, they updated the system two years ago to a version that blocked the breach but many colleges failed to do the same.
"This is an old version that has been unsupported for two years," the company said. "The transition of all colleges to a new portal has already been completed. Thanks to Lior Ben-David for raising the issue to the cyber array about half a year ago. The issue was addressed by colleges."
MalamTeam tried at first to distance itself but later conceded the oversight by the colleges. This incident troubles the National Cyber Security Authority which worries the number of cyberattacks is growing due to operations of malicious actors to target Israeli networks. Some attacks focused on data theft whereas others attacked and corrupted websites.
The extent of the cyber breach in college systems is difficult to determine, but students are advised to vigilantly monitor their bank accounts and other remotely accessed applications. Students serving in the security forces should be cautious, as their information could be exploited by malicious actors.
"4,000 student ID cards have been disclosed, along with the Malamteam CEO's emails. Data from other colleges is expected to be released later," Ben-David said.