Cyber Incident Victim: Coastal Carolina University
Date:
Dec 2014
Location:
United States of America
Summary
Coastal Carolina University was among multiple educational institutions compromised by a hacker using the alias @MarxistAttorney, who publicly disclosed stolen data including logins, employee IDs, and other sensitive information. The attacker claimed the intrusions were motivated by amusement ("lulz") and a desire to expose perceived inadequacies in the universities' IT security measures. While some affected institutions acknowledged investigating the claims, the university's specific response or confirmation of the breach was not detailed in available reports. The incident highlighted broader concerns about cybersecurity vulnerabilities in the education sector and lack of federal oversight for such breaches.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In January 2015, Coastal Carolina University was implicated in a multi-institution data breach claimed by the hacker using the alias "@MarxistAttorney." The attacker publicly disclosed their activities on Pastebin on January 3, 2015, listing Coastal Carolina among six targeted educational institutions that included California State University, University of Kentucky, University of Connecticut, University of Maryland, and Abertay University. @MarxistAttorney provided data dumps purportedly containing compromised information from each university as evidence of the intrusions, though specific technical details about Coastal Carolina's breach vector (e.g., exploited vulnerabilities, attack timeline) were not disclosed in available reports. The hacker's website hosted additional stolen data, though DataBreaches.net opted not to link directly to the dumps. Initial outreach by the cybersecurity news site to all affected institutions yielded only limited responses, with Coastal Carolina not providing public confirmation or denial of the breach at the time of reporting. @MarxistAttorney stated their motivation was "the sole pleasure of the lulz" and aimed to publicize stolen data to embarrass university IT teams, claiming possession of "thousands upon thousands of logins, employee ids, and various other sensitive information."
The scope of Coastal Carolina's exposure remained unverified, as university officials did not issue substantive statements despite DataBreaches.net's inquiries. This contrasted with responses from other institutions: Abertay University confirmed a breach of a satellite competition website (daretobedigital.co.uk), while University of Maryland and University of Kentucky acknowledged investigations without confirming compromises. Federal agencies exhibited no involvement in investigating the education-sector breaches, with the FTC maintaining its position that it lacked jurisdiction over nonprofit institutions under Section 5 of the FTC Act. No remediation steps, forensic findings, or impact assessments specific to Coastal Carolina were documented in the source materials. The incident highlighted systemic challenges in breach verification and regulatory oversight within higher education, as multiple institutions faced delays in confirming compromises despite public claims by the threat actor.