A threat actor operating under the alias “BX1”, has leaked a database allegedly containing 183,450 unique email addresses of Moroccan students. The data, according to the actor, originates from multiple breaches of Morocco’s Ministry of Education systems.
The post includes direct download links hosted on multiple anonymous file-sharing platforms.The dataset reportedly contains student emails extracted from prior ministry-related data breaches, cleaned and consolidated into a single list.
The threat actor emphasizes that all duplicates and credentials have been filtered out, suggesting a curated database designed for phishing, spam, or credential-stuffing operations.
Disclaimer: This report is based on open-source intelligence (OSINT) and dark web monitoring. CyHawk Africa has not independently verified the authenticity of the claimed data. The report is intended solely for cybersecurity awareness and situational intelligence purposes.