Added on August 11, 2022 KV News

SPOTLIGHT: KU’s data security system under scanner after students’ info put on ‘sale’ by hackers

Decrease Font Size Increase Font Size Text Size Print This Page Send by Email

Muhammad Adnan
Srinagar: Kashmir University’s data security system has come under scanner after a serious breach was reported in the students’ and employees’ data that was put on sale by hackers following an alleged cyber attack on the varsity’s data system.
The data of millions of students and employees was put on sale on “Deep Web” for 250 US dollars, a report by an independent media outlet read.
Soon after the issue made its way to social media and caused panic among the students and employees, the University authorities issued a statement saying the data was “unmodified” and it was “analysing any breach of data read (which is accessible in public domain) in depth”.
A cyber security expert however told ‘Kashmir Vision’ that not only the accessible data was available on the “Deep Web” for sale, as claimed by the University, the data on sale also included non-accessible and confidential data including students’ phone numbers, email ids and other academic details.
“Clearly the data has been breached from multiple domains, whether inaccessible or accessible or modified/unmodified is immaterial,” the expert said.
The alleged database of Kashmir University students has been put on sale for just $250 on a hacking forum by “ViktorLustig”, a media report read.
The threat actor, the report said, has shared a database index to show the data he has in his possession. It includes student information, registration number, phone number, email address, password, employee data and more.
“The database is listed on Breached Forums, the famous hacking forum that gained international attention earlier this month with a data breach exposing over 1 billion Chinese residents, the report said.
The Kashmir University later in a statement said that the University data was “unmodified and that further analysis is going on in the matter.”
“The alleged breach is being analyzed and as per the preliminary analysis it has been found that the data is unmodified,” the statement said, adding: “Any breach on data read (which is already accessible in public domain) is being analyzed in-depth and depending upon the analysis, University will take further course of action and take an appropriate legal recourse accordingly.”
However, students and employees have demanded a probe by an independent team of experts to see whether the system was breached “within” or “by elements outside the UT.”
“This breach shows that the University has a compromised data system which has risked the privacy of thousands of students and employees,” said a student of computer sciences.
He said the LG administration should order a high level inquiry into the whole episode and fix responsibility for the lapses.
“We cannot let our privacy be compromised in this manner. The University authorities should be made accountable for this serious lapse,” the employees said.