Ransomware Group: GDLOCKERSEC

VICTIM NAME: www[.]usmba[.]ac[.]ma

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the GDLOCKERSEC Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak page associated with the educational institution identified as www.usmba.ac.ma outlines a significant data breach affecting multiple user categories. This incident was published on January 24, 2025, by the group known as GDLockerSec. The reported attack has led to the exposure of sensitive information concerning approximately 6,827 users, alongside data from around 2,148 employees and 3,279 third-party entities. Specific details regarding the nature of the leaked data remain undisclosed, but the file size indicated is 8MB, suggesting a substantial amount of information may have been compromised. The presence of a screenshot related to this breach indicates further documentation may be accessible on the dark web.

According to the information available, the leak includes data concerning a range of stakeholders connected to the victim’s operations. The site appears to have incorporated links to various URLs, possibly providing further details regarding the leaked data. The educational institution primarily operates out of Morocco and is categorized under the education sector. The publication of this leak raises considerable concerns over the security protocols implemented by the institution and highlights an ongoing trend of targeting educational entities within cybercriminal operations, which often results in significant reputational and operational damage.