MindX Technology Cyber Attack Linked To Corruption


MindX Technology School, previously recognized as Techkids, established in 2015 and situated in Vietnam, has been listed by the ThreatSec hacker group as their latest victim.

The school specializes in instructing programming skills to primary and secondary school students. While the hacker collective has claimed the MindX Technology cyber attack, the school is yet to confirm the cyber incident.

The website of Mindx Technology School was accessible following the cyber attack by the ThreatSec claims made by the hacker group.

Claims made by ThreatSec about the MindX Technology cyber attack

The MindX Technology cyber attack was attributed to the ThreatSec group on their dark web portal, as depicted in the accompanying screenshot. –

MindX Technology cyber attack
Screenshot of ThreatSec’s dark web portal (Photo: Falcon Feeds/ Twitter)

Threat Intelligence Service Falcon Feeds tweeted about the cyber attack on MindX Technology School. “ThreatSec hacker group allegedly claims to have hacked into MindX Technology School (mindx.edu.vn), database and is kept for sale,” Falcon Feeds tweeted.

In the post, the relatively new hacktivist group, also mentioned a bribery trial over Covid-19 flights, where over 50 individuals including high-ranking officials and former ministers were sentenced to jail term by a Vietnam court.

The case is considered to be one of Vietnam’s biggest bribery and corruption cases according to a BBC report.

The convictions revolved around the culpability of these 54 individuals who were found guilty of soliciting funds from individuals utilizing repatriation flights during the COVID-19 pandemic. Furthermore, this case featured the sentencing of a former minister to 16 years of imprisonment.

ThreatSec also stated that they came to know about MindX Technology School through an investor scandal. They have about 700,000 Mongo DB documents with data from the school.

The hackers claim to have information about sales, company owners, customers, and business domains among others. “Much of this data is clearly personally identifiable,” the dark web post read.

They claim to have stolen the following data from the MindX Technology cyber attack –

  1. 157,937 full names
  2. 22,965 emails
  3. 201,482 phone numbers
  4. 4,439 bank account numbers
  5. 66,590 unique addresses

Collectively, the hacktivist group possesses more than 19GB of data obtained from the MindX cyber attack, and they have offered to sell this data with a starting price of $6,500.

Growing Focus on School Cybersecurity: White House Takes Action

In recent years, hackers have identified vulnerabilities within educational institutions including schools, colleges, professional institutes, and more. Exploiting these weaknesses, a surge in cyber attacks on the educational sector has been noted.

To fortify cybersecurity in America’s K-12 schools, the Biden-Harris Administration has taken initiatives to reinforce the nation’s school cyber defense, ensuring the protection of diligent American families.

Schools have been targeted by hackers which have led to the compromise of student data including their addresses, and personally identifiable information.

Based on a 2022 report by the U.S. Government Accountability Office, the aftermath of a cyberattack led to a loss of learning spanning from three days to three weeks, with recovery times varying from two to nine months.

Moreover, the financial impact on school districts post-cyber incident ranged from $50,000 to $1 million.

This was recently addressed by the Biden-Harris administration with details about new action plans to defend against cyber attacks on U.S. schools.

The following cybersecurity-related steps were mentioned in the White House statement –

  1. A pilot program was proposed for K-12 schools and libraries which will see funding of nearly $200 million by the Universal Service Fund to bolster cybersecurity.
  2. A collaborative Government Coordinating Council will be established as a channel of communication between federal, state, local, and tribal education leaders among others.
  3. The release of the K-12 Digital Infrastructure Brief: Defensible & Resilient jointly by the U.S. Department of Education and CISA along with other releases in the form of guidance documents so educational leaders can learn better cyber hygiene.
  4. CISA will be providing cybersecurity training for 300 new K-12 entities averaging one exercise per month. They are soliciting requests from critical infrastructure partners and the government.
  5. The Federal Bureau of Investigation and the National Guard Bureau will release the latest guides for the state government and education officials to report cybercrimes.

Besides the above, the White House statement addressing school cybersecurity concerns stated that Amazon Web Services will spend $20 million for a K-12 cyber grant program for all school districts and department of education.

Cloudflare will offer a free Zero-Trust cybersecurity solution through its Project Cybersafe Schools.

ThreatSec hacktivist group and hacktivism

Several hacktivist groups have sprung up in the recent past that have been collaborating to launch cyber attacks on organizations from countries where they find news about corruption. There are hacker groups with similar names including GhostSec, that surfaced in 2015.

UserSec collective and GANOSEC Team are other hacking groups that collaborated to target Swedish websites.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.





Source link