Cyber Incident Victim: Abertay University
Date:
Dec 2014
Location:
United Kingdom
Summary
Abertay University was among several educational institutions targeted in a cyberattack by the hacker known as @MarxistAttorney, who publicly dumped stolen data to undermine the targeted universities' IT teams. The institution confirmed that the breach affected a separately hosted satellite website promoting an annual competition, not its primary systems, and initiated an investigation with the commercial hosting provider. The attacker claimed to possess extensive login credentials and sensitive information from the compromised entities, attributing the campaign to personal amusement rather than a specific grievance. Other impacted universities acknowledged the incidents but did not disclose detailed findings at the time of reporting.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On January 4, 2015, cybersecurity blogger DataBreaches.net reported that the hacker using the alias @MarxistAttorney claimed responsibility for breaching multiple universities, including Abertay University in the United Kingdom. The attacker publicly listed Abertay alongside California State University, University of Kentucky, University of Connecticut, University of Maryland, and Coastal Carolina University on Pastebin, accompanied by data dumps purportedly containing stolen information as proof of compromise. While DataBreaches.net did not directly link to the leaked datasets, initial verification efforts revealed that some data labeled as originating from California State University had previously been attributed to an unrelated hack of the San Diego Zoo by another group called Paw Security.
@MarxistAttorney provided no specific motive for targeting Abertay University but stated in an email to DataBreaches.net that the broader campaign against educational institutions was conducted for "the sole pleasure of the 'lulz'" and to undermine the competence of university IT teams. The hacker claimed possession of "thousands upon thousands of logins, employee ids, and various other sensitive information" across the affected institutions. Abertay University confirmed through an official statement on January 4 that the breach impacted www.daretobedigital.co.uk, a satellite website promoting an annual computer games design competition branded with the university's logo but hosted separately on commercial servers. University officials clarified that their primary domain (www.abertay.ac.uk) and internal systems remained unaffected, with investigations conducted jointly with their third-party hosting provider. No further details regarding the type or volume of compromised data from the Dare to Be Digital site were disclosed publicly.
The University of Kentucky acknowledged investigating the claims on January 4, while the University of Maryland confirmed its investigation four days later. Federal agencies had not intervened in the incident at the time of reporting, consistent with broader jurisdictional limitations over nonprofit educational institutions noted by the article. DataBreaches.net received no confirmation from other listed universities regarding breach validation or additional impacts beyond Abertay's satellite site compromise. The hacker did not respond to follow-up inquiries about specific targeting rationales, though a separate tweet suggested personal grievances may have influenced the University of Maryland attack.