Hackers known as SiegedSec, notorious for infiltrating government agency networks, have targeted the University of Connecticut in an email spoofing incident. The group sent a series of spoof emails, including one falsely announcing the death of a university official, leaving students initially shocked and concerned. The hackers, self-proclaimed “gay furries,” claimed the attack was for “lulz,” seeking amusement rather than retribution. The university’s IT department swiftly responded, removing the messages and investigating the incident.
In the early hours of Wednesday, an email account disguised as UConn Announcements sent a message to the university’s undergraduate listserv, falsely reporting the “Unfortunate Passing of Radenka Maric.” Prior to this, another email under the name “meow” was sent, revealing that the listserv had been hacked by “gay furries” and providing a link to the hackers’ Telegram channel. Although students initially reacted with shock, they soon realized the emails were fake, leading to the creation of memes and jokes on the unofficial UConn Reddit page. However, concerns were raised about the university’s vulnerability to cyber attacks and the potential risk to personal data.
University spokesperson Stephanie Reitz confirmed that an unauthorized user gained access to the system and sent the fictitious messages. UConn’s IT department promptly removed the messages and took corrective measures to prevent similar incidents from occurring. The department, along with UConn Police, is currently investigating the cyber attack. In an interview with the group’s leader, Vio, they claimed to have found hardcoded credentials for the UConn Daily Digest email account in publicly available data and exploited the lack of two-factor authentication. The attack was described as opportunistic and done solely for amusement.
SiegedSec, previously known for targeting government entities, including Texas, Nebraska, and Pennsylvania, claims to engage in both blackhat hacking and hacktivist operations. The group’s recent attacks have been attributed to their opposition to current and pending restrictions on gender-affirming care in various states. While the university reassures that their listservs are restricted and require permission for access, the incident has prompted a deeper examination of cybersecurity measures and protection of personal information. The investigation into the UConn cyber attack is ongoing.
