Ransomware victim disclosure
University Of Georgia
Claimed by shadowbyt3$ · listed 7 days ago
Status timeline
- Listed: May 14, 2026
- Data leaked
At a glance
- Group: shadowbyt3$
- Status: Data leaked
- Country: US
- Sector: Education
- Listed on leak site: May 14, 2026
About the victim
AI dossier — public-source company profile
The University of Georgia (UGA) is a leading public land-grant research university located in Athens, Georgia, established in 1785 as the first state-chartered university in the United States. It serves tens of thousands of students and employs thousands of faculty and staff across a broad range of academic, research, and public service missions. UGA maintains partnerships with state and government agencies including GEMA, GDOT, and various county-level entities.
- Industry: Higher Education (Public Research University)
- Address: Athens, Georgia, USA
- Employees: 10000+
- Founded: 1785
Attack summary
Severity: critical — The breach involves confirmed exfiltration and publication of regulated PII (home addresses, personal phone numbers, ID photos) for university employees at scale, combined with sensitive government infrastructure data (GEMA emergency management, 911 dispatch GIS, GDOT project maps, Asset Forfeiture logs) and internal security-relevant employee classification data, representing a multi-domain critical disclosure affecting both individuals and public safety infrastructure.

ShadowByt3$ claims to have exfiltrated approximately 3.2 MB of raw text files from the University of Georgia, publishing the data on their leak site. The stolen data reportedly includes employee PII, government project data, infrastructure maps, GIS records underpinning 911 dispatch, and internal administrative records.
Data the group says was taken
AI dossier — extracted from the leak post
- Employee home addresses
- Personal cell and home phone numbers
- Institutional identification photos
- Internal project documentation and tracking logs
- Workforce metadata (position numbers, departmental assignments, schedules)
- System maintenance and development notes
- GEMA emergency management project maps
- Georgia Broadband project data
- GDOT transportation project data (through 2026)
- Asset Forfeiture logs
- County-level GIS data (Athens-Clarke, Bibb) used for 911 dispatch and land taxes
- UGA Office of the President Mail Tracker records
- Gov360 anonymous executive coaching logs
- Subject Matter Expert (SME) identification and work-hour logs
- Employee classification data (full-time benefited vs. student assistant)
What the group claims
ShadowByt3$ has breached University of Georgia. The full data is on our leak site. We stole approximately 3.2 MB in raw text files. No customers were affected, just employees. The following was stolen:
- Physical Locations: Home addresses (like the Columbus, GA residential home) and specific office numbers (like Office 2207).
- Private Contact Info: Personal cell phone numbers and home phone numbers (e.g., the 404-736-xxxx).
- Employee Information: This often includes full names, contact details, and institutional identification photos.
- Project Documentation: Information regarding internal university projects, including tracking logs and administrative data for various departments.
- Workforce Data: Internal metadata such as position numbers, departmental assignments, and work schedules.
- Technical Details: Notes regarding system maintenance and development that could potentially highlight internal processes.
- Critical Infrastructure: Active project maps for GEMA (Emergency Management), Georgia Broadband, and GDOT (Transportation) through 2026.
- Government Records: Access to Asset Forfeiture logs and County-level GIS (Athens-Clarke, Bibb) that underpins 911 dispatch and land taxes.
- Leadership Secrets: The UGA Office of the President Mail Tracker and Gov360 anonymous executive coaching logs.
- The "SME" Map: We have identified the "Subject Matter Experts" like Noah Abouhamdan, Chad Rupert, and Pat Russell. We know exactly how many hundreds of hours these people have spent on specific pieces of code.
- Security Clearances: We know who is a "Benefited" full-time employee (high-value target) versus a "Student Assistant" (low-value entry point).
Sources
- Victim site: uga.edu
Source
Indexed 7 days ago
This page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
