Global Media Journal

We've been tracking a concerning rise in breaches targeting academic platforms and open-access journals, often overlooked in favor of higher-profile targets. What really struck us wasn't the size of the breach affecting **Global Media Journal** in **February 2018**, but the potential impact on academic research and intellectual property. The data had been circulating quietly for years, but we noticed a recent uptick in its appearance within combolists used in credential stuffing attacks against universities and research institutions. The relatively simple nature of the breach, coupled with the journal's international reach, suggests a potentially wide impact across the academic landscape.

Global Media Journal: 34k records fueling academic credential stuffing

In **February 2018**, the **Global Media Journal**, an open-access media studies journal with multiple regional editions, experienced a data breach exposing **34,399 user records**. The breach, which consisted of email addresses and password hashes of an unknown format, only recently caught our attention due to its reappearance in combolists. The presence of these credentials in combolists signifies their active use in credential stuffing attacks, potentially granting unauthorized access to academic resources, research data, and communication channels.

Key point: Total records exposed: 34,399

Key point: Types of data included: Email addresses, Password hashes

Key point: Sensitive content types: Potentially exposes user accounts at universities and research institutions

Key point: Source structure: Unknown

Key point: Leak location(s): Combolists, various hacking forums.

Key point: Date of first appearance: February 2018, recent resurgence in combolists

The breach’s impact extends beyond the journal itself. Compromised accounts could be leveraged to access university systems, research databases, or even to spread misinformation within academic circles. This incident highlights the vulnerability of smaller, open-access platforms and their potential to serve as stepping stones for broader attacks. The lack of clarity regarding the password hash format further complicates the remediation process. Without knowing the hashing algorithm, it's difficult to assess the strength of the passwords and advise users on appropriate password resets.

This incident aligns with a broader trend of increased attacks targeting academic institutions. According to a 2023 report by IBM Security X-Force, the education sector experienced a significant increase in cyberattacks, including phishing campaigns and ransomware incidents. Furthermore, the use of combolists to target specific sectors is a well-established tactic, as highlighted in numerous threat intelligence reports. The reappearance of the Global Media Journal data in these lists underscores the persistent threat posed by older breaches and the importance of continuous monitoring and proactive security measures.

Email · Address · Password · Hash