A threat actor is allegedly selling the database of the University of California, Berkeley, a world-renowned public research university and one of the most prestigious academic institutions in the United States. The seller posted an advertisement on a popular cybercrime forum, claiming to have obtained the university’s complete database and offering it for sale in both SQL and CSV formats. The post also claims to provide access to the university’s phpMyAdmin panel, a web-based database administration tool.
To substantiate their claims, the threat actor included several screenshots as proof. These images display backend access to the university’s databases, showing tables containing sensitive information and lists of user accounts with usernames, email addresses, and hashed passwords. The actor also noted that several of Berkeley’s subdomains were experiencing outages at the time of the post, an observation supported by other screenshots showing database connection errors on official university websites. This incident poses a significant security risk to the university’s students, faculty, and staff, potentially exposing their personal and financial information.
The compromised data allegedly includes a wide range of sensitive information:
- Student data
- Seminar information
- Teacher details
- Usernames and password hashes
- Payment data made by the university
