News & Notes: UK alumni association online account information compromised in hack

The hacking group known as Team GhostShell announced via Twitter on Monday that it had illegally obtained account information, including usernames and passwords, from several educational institutions around the world, including Princeton. However, the Princeton-related compromised accounts were limited to the website of Princeton Association UK, a UK-based alumni association of 1,000 members that is unaffiliated with the University. GhostShell did not release any accounts from official University servers.

The released data gave hackers access to 10 usernames, email addresses and hashed passwords of the administrators of the website, which is run on the WordPress platform. A hashed password is not useful by itself; it must be decrypted to a plaintext password before it can be used by a hacker to access the account. The leak also included archived articles from the alumni association’s website, which are already publicly available.

Other universities listed by GhostShell on their list of compromised schools include Cambridge University, Rutgers University, Cornell and Harvard.