Cyber Incident Victim: University of Maryland, College Park
Date:
Jan 2015
Location:
United States of America
Summary
The University of Maryland was among several academic institutions targeted in a hacking campaign by an individual using the alias @MarxistAttorney, who claimed to have exfiltrated thousands of logins, employee IDs, and other sensitive data. The attacker publicly dumped portions of the stolen information as proof and stated the intrusions were motivated by amusement and a desire to expose perceived inadequacies in the universities' IT security. While the institution initially delayed its response, it later confirmed it was investigating the breach. Other affected universities also acknowledged the incidents, with some attributing compromises to third-party or satellite systems. Federal oversight of such breaches in the education sector was noted as lacking at the time.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In early January 2015, the University of Maryland was identified among several universities targeted by a hacker using the alias @MarxistAttorney. The attacker publicly claimed responsibility for breaching the university’s systems and dumped stolen data on Pastebin on January 3, 2015, as proof of the intrusion. The compromised data included university logins, employee IDs, and other sensitive information, though specific details regarding the volume or full scope of the data were not disclosed in the public claims. @MarxistAttorney stated the attacks were motivated by "lulz" and a desire to expose perceived inadequacies in the targeted universities’ IT security teams. A tweet from an account associated with @teamcarbonic suggested a potential personal grievance against the University of Maryland, referencing a prior rejection from the institution, but no direct confirmation linked this to @MarxistAttorney’s actions. DataBreaches.net contacted the university for verification on January 4, 2015, alongside other affected institutions.
The University of Maryland initially did not respond to inquiries but issued a statement on January 8, 2015, confirming they were investigating the matter. No further details about the breach’s origin, methods of intrusion, or specific systems compromised were disclosed by the university. Other institutions named in the attack, such as Abertay University, clarified that their breach involved a satellite website unrelated to core university infrastructure, but Maryland did not provide analogous details. The incident highlighted broader concerns about insufficient federal oversight of cybersecurity breaches in the education sector, as noted in the article’s commentary on the FTC’s limited authority over non-profits. No subsequent public updates from the University of Maryland or law enforcement regarding containment measures, forensic findings, or mitigations were documented in the source material. The attacker’s actions remained unaddressed in terms of legal consequences or attribution within the available reporting period.