Massive Data Breach Hits Indian Universities: Over 350K Records Exposed

Company Overview

• Targeted Entity: Multiple universities across India
• Affected System: University management system used across various institutions
• Date of Breach: May 4, 2024
• Threat Actor: User "USDoD" on an underground forum

Breach Details

• Breach Description: A forum post by a user named "USDoD" revealed unauthorized access to a university management system in India, affecting a significant number of institutions.
• Data Compromised:
  • Two separate databases were leaked:
    • First Database: Contains over 300,000 entries with fields including Application Number (APP_NO), Application Record Number (APPL_NO), Login ID, Email, Mobile Number, Name, Community, Gender, Phone Number, and Password.
    • Second Database: Contains over 50,000 entries with additional fields beyond those in the first.
• Method of Distribution: The data was shared publicly on an underground forum, with download links provided for the leaked databases.

Threat Actor Profile

• Alias: USDoD
• Forum Activity:
  • Member of "Equation Corp." on the forum with 113 posts and 33 threads.
  • Joined the forum in July 2023.
  • Reputation score of 881.
• Status: The forum account has been permanently banned following this leak.

Impact Analysis

• Scope of Impact:
  • The breach potentially affects hundreds of thousands of students and university staff members across India.
  • Personal information such as names, contact details, and passwords are at risk, which could lead to further exploitation, including identity theft, phishing attacks, and unauthorized access to other systems.
• Institutional Damage:
  • Universities may face legal and reputational consequences, with a loss of trust from students and stakeholders.
  • Financial costs associated with breach management, including notifications, legal actions, and potential fines, could be substantial.