CloudSEK discovered a threat actor selling nearly 500K student records from various popular Indian education platforms.
The samples provided by the threat actor suggest that the leaked data is from the year 2021.
The leaked information contains the following:
Full name
Telephone number
Email address
Username
Registered state
The Hacker is seeking a one-time sale for the database, the amount is undisclosed. They have been active since August and can be contacted via the forum to conduct the transaction illegally.
Investigative Analysis
The data that has been stolen can be used for advertising and marketing purposes to influence Indian students aged 16-19. Exposed PII could be used to orchestrate social engineering schemes to manipulate the victims, phishing attacks where devices of the victims can be compromised, and the hacker can gain access to other sensitive information and finally, identity thefts where these credentials can be used to perform other malicious activities on the internet.It is also possible that the email addresses and phone numbers belong to the compromised individual’s guardian(s), thereby putting the family at risk.
This Hacker is a new forum user. This has been observed in most high-profile data breaches publicized on the cybercrime forum. Steps to prevent Data Stealing include, identifying loopholes in the website and patch vulnerable and exploitable endpoints, Implementing a strong password policy, employing MFA(multi factor authentication).Mention of the data breach obtained from open source investigation, data leaked from Apni Kaksha.
Mention of the data breach obtained from open source investigation, data leaked from Apni Kaksha.
City Today News
9341997936
City Today News 