DataBox: Early on the morning of September 2nd, a user calling themselves DataBox posted to RaidForums that they had stolen the data of over one million students, teachers, and staff from the Australian Department of Education. The Australian Computer Emergency Response Team (AusCERT) denied the claims. Other users on RaidForums quickly pointed out that not only was the data actually from k7maths, an e-learning solutions provider, but that the data had also been posted by another user back in March. AusCERT specified that, based on their investigation into the issue, the data was the same as what was leaked in March and that the data likely came from an exposed Elasticsearch instance. The exposed data included first names, emails, password hashes, and K7Maths settings. AusCERT correctly observed that the hashes “can be cracked with enough effort.” Following other users calling out DataBox for misrepresenting the source of the data, DataBox updated the post to show that it came from K7Maths.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in