In news first brought to my attention via DefconLab earlier today, January 12th 2019, a hacking group by the name of “KelvinSecurity” (KelvinSecTeam) has announced a hack and data leak effecting the Corporación Universitaria Minuto de Dios (UniMinuto) in Bogotá, Colombia. In a leak posted to Pastebin, hackers released the school ID numbers, names and email addresses of hundreds of students, along with the name and email addresses of a little more than half a dozen school administrators. Investigating the leak further, the hackers also list the file folder names of 16 other data tables, including login information/credentials, school documents, department IDs and much more – indicating that hackers were able to gain administrator level access over the entire website.
While the group has traditionally been associated with Venezuela, today’s leak featured a message written in Belarusian, reading “KelvinSecurity is a person looking to gather information for talented people all around the work, connecting to networks exploiting their systems.” Historically, the group has been known to announce hacks in hopes of selling any data obtained from it online, though there is no indication the hackers are attempting to sell any data uncovered from Colombia today.
#WeekLeaks 3 – leaks de @acsaquidauana, @UNIMINUTOCOL, Governo de Goiás, São João/SP, @ufmg, @ufscaroficial, @UVa_es e Onspace#vazamento #hacked #leaked #hacking @Prodesp @CCNCERT https://t.co/ZohfuW6clK
— DefCon Lab (@LabDefCon) January 12, 2019