The FBI is informing academic partners of identified US college and university credentials advertised for sale on online criminal marketplaces and publically accessible forums. This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations.
Cyber actors continue to conduct attacks against US colleges and universities leading to the exposure of user information on public and cyber criminal forums. Credential harvesting against an organization is often a byproduct of spear-phishing, ransomware, or other cyber intrusion tactics. For example, in 2017, cyber criminals targeted universities to hack .edu accounts by cloning university login pages and embedding a credential harvester link in phishing emails. Successfully harvested credentials were then sent to the cyber criminals in an automated email
Source: U.S. Federal Bureau of Investigation Cyber Division