“Ed-Tech is a huge target for hackers to steal data”, says CloudSEK

CloudSEK discovered a threat actor selling nearly 500K student records from various popular Indian education platforms.

The samples provided by the threat actor suggest that the leaked data is from the year 2021. 

The leaked information contains the following:

Full name

Telephone number

Email address

Username

Registered state

The Hacker is seeking a one-time sale for the database, the amount is undisclosed. They have been active since August and can be contacted via the forum to conduct the transaction illegally.

Investigative Analysis

The data that has been stolen can be used for advertising and marketing purposes to influence Indian students aged 16-19. Exposed PII could be used to orchestrate social engineering schemes to manipulate the victims, phishing attacks where devices of the victims can be compromised, and the hacker can gain access to other sensitive information and finally, identity thefts where these credentials can be used to perform other malicious activities on the internet.It is also possible that the email addresses and phone numbers belong to the compromised individual’s guardian(s), thereby putting the family at risk.

This Hacker is a new forum user. This has been observed in most high-profile data breaches publicized on the cybercrime forum. Steps to prevent Data Stealing include, identifying loopholes in the website and patch vulnerable and exploitable endpoints, Implementing a strong password policy, employing MFA(multi factor authentication).Mention of the data breach obtained from open source investigation, data leaked from Apni Kaksha.

Mention of the data breach obtained from open source investigation, data leaked from Apni Kaksha.

City Today News

9341997936

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.