CyHawk Africa has identified a new post on a dark web forum by a threat actor using the alias “EternalRed”, claiming responsibility for a data breach targeting enssup.gov.ma, the official website of Morocco’s Ministry of Higher Education, Scientific Research, and Innovation.
The site serves as a key digital platform for Moroccan students, educators, and research professionals, hosting academic data, scholarship records, and admission information. The actor shared samples of the alleged database, indicating that student records, academic details, and identification data were exfiltrated and exposed.
Potential Impact
If the breach is verified, this incident could expose:
- Personal identifiable information (PII) of Moroccan students.
- Scholarship and funding data linked to government education programs.
- Academic history and institutional enrollment details.
Such exposure could lead to identity theft, fraud targeting scholarship recipients, or exploitation of educational records in social engineering attacks.
Disclaimer: This report is based on open-source intelligence (OSINT) and dark web monitoring. CyHawk Africa has not independently verified the authenticity of the claimed data. The report is intended solely for cybersecurity awareness and situational intelligence purposes.