This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Thanks for the Help (TFTH)

Summary

In December 2024, the KillSec ransomware gang claimed an attack on Thanks for the Help (TFTH), an Australian educational support platform that assists university and college students with assessments and student accommodation services. KillSec threatened to leak exfiltrated data after eight days and published 1% of allegedly stolen data as proof. TFTH's website has been flagged by the Australian government's Tertiary Education Quality and Standards Agency for providing essay writing services.

What Happened

Thanks for the Help (TFTH) operates an educational support platform marketing services to Australian university and college students. The company offers assessment assistance, student accommodation finding services, and other educational support. The platform has attracted scrutiny from Australia's Tertiary Education Quality and Standards Agency (TEQSA) due to concerns about academic integrity related to essay writing services.

In December 2024, the KillSec ransomware group claimed to have breached TFTH's systems and exfiltrated data. The attackers published approximately 1% of the allegedly stolen data as proof of the breach and set an eight-day countdown timer threatening to release all data if ransom demands were not met. KillSec has been actively targeting Australian businesses in recent months, including a claimed attack on Clubfit Software, a gym management software firm, in the same period.

The specific ransom amount demanded was not publicly disclosed, and the nature and volume of compromised data remained unclear beyond KillSec's general claims.

Impact on Individuals

The potential impact on individuals remained uncertain as TFTH did not confirm the breach or disclose what data, if any, was actually compromised. If the attack was genuine, affected individuals could include students who used TFTH's services, potentially exposing contact information, academic records, or payment details associated with service purchases.

Given TFTH's business model involves assisting students with assessments, any data breach could also expose students to reputational risks if their use of such services became publicly known, particularly at institutions with strict academic integrity policies.

Organisational Response

TFTH did not issue a public statement about the KillSec claims. The company did not confirm or deny the attack, leaving customers uncertain about whether their data had been compromised and what protective actions they should take.

Verification Source: View original statement