Alleged sale of access to U.S. Student Information System
Incident Overview
The threat actor "miya" claims to be selling initial access to a U.S.-based Student Information System (SIS) SaaS platform used by approximately 150 educational institutions.
According to the threat actor's post, the access reportedly provides:
- OS: Linux
- Device: Firewall
- Permissions: Root RCE + Shell
- Revenue: Unknown
The threat actor has set the price at $400.
This type of access could potentially enable full control over the environment hosting student and institutional data, posing significant risks to the approximately 150 educational institutions using the platform. The access through a firewall with root-level remote code execution (RCE) and shell access represents a critical security concern.
The claim has not been independently verified.
Image Preview
Unlock Full Breach Intelligence
Premium subscribers gain access to PLUS, PRO, or ELITE features, including breach claim URLs and fully unredacted threat and ransomware feeds with no blur, along with leak and breach coverage, 500+ onion and clearnet resources, uptime monitoring, high-resolution watermark-free images, and more.
API Access for Researchers & Security Teams
SOC teams, researchers, and security professionals can integrate Dark Web Informer's threat intelligence directly into their workflows via API. Access real-time breach data, threat feeds, and monitoring capabilities programmatically.
Learn About API AccessDark Web Informer © 2025 | Cyber Threat Intelligence | DarkWebInformer.com
