Personal data of over million students, employees of KU put on sale
SRINAGAR — The personal data of one million students of the University of Kashmir (KU) was hacked and put on sale as the varsity has fallen victim to a cyber attack.
The alleged database of the students has been put on sale for just $250 on a hacking forum by “ViktorLustig”. The name is inspired by the infamous con artist who “sold” the Eiffel Tower, not once but twice, International Business Times reported.
The threat actor has shared a database index to show the data he has in his possession. It claims to include student information, registration number, phone number, email address, password, employee data and more.
The database is listed on Breached Forums, the famous hacking forum that gained international attention earlier this month with a data breach exposing over 1 billion Chinese residents.
Journalist Abhishek Verma received a confirmation from the admin of the forum “pompompurin”, who said the alleged database is legitimate. According to Verma, who writes for Google, Andriod and DroidMaze, the database of more than one million students has been put on sale. Verma also shared the screenshot of the hacked webpage.
“Just spotted an alleged database of “University of Kashmir” being sold on a hacking forum. Threat actor goes by the name “ViktorLustig” selling the database of @KmrUniversity for $250,” Verma tweeted. “He shared a Database index showing what he has.”
“Additionally, the admin of the forum goes by the name “pompompurin” replied and confirms that the alleged database is legitimate” the tweet mentioned.
“The thread has been deleted from hacking forum. But the profile of threat actor “VictorLustig” is still active on the forum,” the journalist shared.
Data stands unmodified at Kashmir University: Officials
Authorities at the Kashmir University say the student data has not been hacked after reports surfaced that hackers breached the secure data.
A University official, as per news agency KDC, said the alleged breach is being analyzed and as per the preliminary analysis, it has been found that the data is unmodified.
“Any breach on data read (which is already accessible in the public domain) is being analyzed in-depth and depending upon the analysis, the University will take further course of action and take an appropriate legal recourse accordingly,” the official said.