leaksear.ch has indexed a small credential leak tied to the Faculty of Graduate Studies for Education at Cairo University, with 7 records dated January 26, 2025 and attributed in the metadata to the GDLockerSec ransomware group (leaksear.ch metadata). The faculty's own site describes it as a graduate education faculty offering diploma, master's, and PhD programs, which makes the exposed account data relevant to people who used FGSE systems (www.fgse.cu.edu.eg).
What happened
Ransomware.live lists www.fgse.cu.edu.eg as a GDLockerSec victim, with discovery and estimated attack dates of January 26, 2025, and a leak description of 7MB (www.ransomware.live). UNDERCODE NEWS reported the same day that GDLockerSec added Cairo University's Faculty of Graduate Studies for Education to its victim list and that the FGSE website had been compromised, while noting that the extent of damage and any demands were unclear (undercodenews.com).
The public reporting reviewed here does not establish whether Cairo University confirmed the incident, whether a ransom was demanded or paid, or whether the leak extends beyond the small credential dataset indexed here.
What data was exposed
The leaksear.ch indexing metadata identifies 7 records containing names, usernames, and passwords. The indexed record context also includes account status, internal IDs, roles, and source table information, but those context fields are not listed as searchable fields in this index (leaksear.ch metadata).
Why this matters
Credential records can be high impact even at small scale because one reused password can become an entry point into related university, email, or personal accounts. Names and usernames also give attackers believable context for phishing and password-reset scams. Anyone who had an FGSE account or reused an FGSE password should check whether their data appears in this leak and rotate reused passwords promptly.
Check your exposure
Vetted researchers and incident-response teams can request access or sign in if they already have access to check this dataset. Searchable pivots for this leak include name, password, and username.