Report: University E-Mail Accounts Listed on Dark Web

Image Credit: Digital Citizens Alliance.

If you are currently using or previously used an .edu e-mail address, your account name, password and other personal information may be listed online for cyber criminals to buy. 

That analysis comes from Digital Citizens Alliance (DCA), a nonprofit coalition that has been investigating the dark corners of the internet for the last eight years. DCA recently published a report surfacing evidence that cyber criminals are selling tens of thousands of higher ed e-mail accounts on the “Dark Web,” which is a highly decentralized digital space in which the sale and purchase of goods, services and information is unregulated and often illegal. Cyber criminals can sell or buy illicit, usually stolen goods, like weapons, drugs, malware, movies, music and this case e-mail information, in the Dark Web.

DCA, along with researchers at ID Agent, GroupSense and Terbium Labs, looked at the availability of credentials (i.e. e-mail accounts and passwords) for the largest 300 higher education institutions (HEIs) in the United States during the eight-year period. In the most recent scan, March 2, researchers uncovered nearly 14 million e-mail addresses and passwords belonging to faculty members, students and alumni available on the Dark Web. Of these, 79 percent (nearly 11 million) were discovered in the last 12 months.

While a library, computer lab or other academic setting might seem like the first places hackers would attack, researchers instead found that many of the credentials “are the result of one or more breaches in non-academic settings where .edu credential-holders used .edu user names, or the credentials could have been fraudulently created in the first place,” according to the report. 

To help understand why hackers go after academic communities, the DAC report cites expertise and work by the notorious hacker nicknamed “Dead-Mellox,” who leads Team GhostShell, the "hacktivist" organization that once publicly dumped data for tens of thousands of educational and governmental institutions online. Dead-Mellox, later revealed as 25-year-old Razvan Eugen Gheorghe who lives in Bucharest, Romania, offered the following insights to digital citizens:

  • E-mail accounts with .edu domains are vulnerable to breaches in general;
  • Higher ed institutions tend to have more data than leading commercial businesses or governmental entities; and
  • Their assets, including intellectual property and research, offer bigger prizes for hackers.

The report also examines HEIs with the most credentials listed on the Dark Web. For the No. 1 spot, the University of Michigan-Ann Arbor had 122,556 credentials, followed by Pennsylvania State University (119,350), University of Minnesota-Twin Cities (117,604), Michigan State University (115,973), Ohio State University (114,032) and the University of Illinois (99,375). For currently active e-mail accounts,  Massachusetts Institute of Technology tops the list, followed by Baylor University, Cornell University, Carnegie Mellon and Virginia Tech. Ranked by state, California had the largest number of credentials available, followed by New York, Michigan, Texas and Pennsylvania.

View the full report here.

About the Author

Sri Ravipati is Web producer for THE Journal and Campus Technology. She can be reached at [email protected].

Featured

  • DeepSeek on AWS

    AWS Offers DeepSeek-R1 as Fully Managed Serverless Model, Recommends Guardrails

    Amazon Web Services (AWS) has announced the availability of DeepSeek-R1 as a fully managed serverless AI model, enabling developers to build and deploy it without having to manage the underlying infrastructure.

  • The AI Show

    Register for Free to Attend the World's Greatest Show for All Things AI in EDU

    The AI Show @ ASU+GSV, held April 5–7, 2025, at the San Diego Convention Center, is a free event designed to help educators, students, and parents navigate AI's role in education. Featuring hands-on workshops, AI-powered networking, live demos from 125+ EdTech exhibitors, and keynote speakers like Colin Kaepernick and Stevie Van Zandt, the event offers practical insights into AI-driven teaching, learning, and career opportunities. Attendees will gain actionable strategies to integrate AI into classrooms while exploring innovations that promote equity, accessibility, and student success.

  • college student working on a laptop, surrounded by icons representing campus support services

    National U Launches Student Support Hub for Non-Traditional Learners

    National University has launched a new student support hub designed to help online and working learners balance career, education, and family responsibilities as they pursue their education. Called "The Nest," the facility is positioned as a "co-learning" center that provides wraparound support services, work and study space, and access to child care.

  • laptop displaying a glowing digital brain and data charts sits on a metal shelf in a well-lit server room with organized network cables and active servers

    Cisco Introduces AI-First Approach to IT Operations

    At its recent Cisco Live 2025 event, Cisco announced AgenticOps, a transformative approach to IT operations that integrates advanced AI capabilities to enhance efficiency and collaboration across network, security, and application domains.