Pierluigi Paganini March 30, 2017

Stolen email credentials from the largest US universities are a precious commodity in the dark web, crooks are offering them for a price ranging from $3.50 to $10 apiece.

The researchers, supported by a research firm ID Agent, found 13,930,176 credentials from those big schools, mostly from the University of Michigan (122,556), Penn State (119,350), University of Minnesota (117,604), Michigan State (115,973), and Ohio State (114,032).

The MIT is the institute with the highest ratio of stolen and spoofed email addresses to number of enrolled and staff, 2.81:1, followed by Carnegie Mellon University, 2.4:1, and the Cornell University, 2.39:1.

“I’ve been scraping the Dark Web since 2009. There were 2.2 million .edu [emails] there back in 2015, 2.8 million in 2016, and now almost 14 million a year later. That’s a significant spike,” explained Brian Dunn, managing partner at ID Agent.

According to the researchers, the huge amount of stolen records was obtained through third-party website breaches, and during 2016 the number of data breaches was very high.

“There have been significant third-party breaches in 2016,” said Dunn. ID Agent observed a 547% increase in all types of stolen credentials offered for sale in the Dark Web over the past three years.

According to the DCA, the report only analyzed credentials belonging to the major US universities, this means that there is the possibility that in the dark net sellers are offering credentials for other smaller universities.

“[The] .edu [domain] is a generally valuable email domain just like .gov and .mil,” Dunn concluded.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Digital Citizens Alliance, DDoS)