ShadowByt3$ has breached the University of Georgia in the US and claims to have stolen approximately 3.2 MB of raw text files, which are posted on their leak site. The exfiltrated data reportedly includes employee personal contact information, home and office details, internal project and workforce metadata, technical notes, critical infrastructure project maps through 2026, government records, and leadership/security-related information, impacting #UnitedStates
Incident Details
- Victim: University Of Georgia
- Sector: Education
- Country: US
- Actor: shadowbyt3$
- Source:
- Discovered: 2026-05-14T16:47:31.750340+00:00
- Published: 2026-05-14T16:47:30.102077+00:00
Information
- University of Georgia was breached by ShadowByt3$.
- The stolen data, totaling approximately 3.2 MB of raw text files, was posted on the leak site.
- No customers were affected; only employees were impacted.
- Home addresses and office numbers were exposed.
- Private contact details such as personal cell phone numbers and home phone numbers were taken.
- Employee information, including names, contact details, and institutional ID photos, was included.
- Internal project documentation and administrative records for various departments were stolen.
- Workforce data such as position numbers, departmental assignments, and work schedules was accessed.
- Technical notes related to system maintenance and development were included.
- Active project maps for GEMA, Georgia Broadband, and GDOT through 2026 were taken.
- Government records such as Asset Forfeiture logs and county-level GIS data for Athens-Clarke and Bibb were accessed.
- Leadership-related records, including the Office of the President Mail Tracker and Gov360 anonymous executive coaching logs, were exposed.
- Subject Matter Experts were identified, along with detailed tracking of hours spent on specific code.
- Employee status information, distinguishing full-time benefited staff from student assistants, was also obtained.
Disclaimer: This post is based on public claims made by the ransomware group "shadowbyt3$". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.