Srinagar- A data breach at the University of Kashmir has potentially exposed the personal information of over 1 million current and former students of the varsity and employees, making their personal data available on the dark web.
The alleged database of Kashmir University students has been put on sale for just $250 on a hacking forum by a username “ViktorLustig” on 6th August. The name is inspired by the infamous con artist who “sold” the Eiffel Tower, not once but twice.
The threat designer had shared a database index on the illegal forum to show the legitimacy of the data he has in his possession. As a result of the attack, some files stored in the program of the University were illegally accessed, with potentially exposed data including personally identifiable information for current, former students and employees that included names, registration numbers, addresses, dates of birth, phone numbers, employee data, password, email addresses and more.
However, as per the latest update, the thread has been deleted from the hacking forum. But the profile of the threat actor “VictorLustig” is still active on the forum. The only document available in the data breach is an archive of the hacked data. It is pertinent to mention here that the deleted post is still available in the Google search index, creating a serious threat to the privacy of Kashmir University students and employees.
As per the archived data thread, a copy of which lies with Kashmir Observer, the breached data includes a database of Kashmir University’s UG 3rd year with 3,47,421 entries including admit card details and other details ranging from year 2015 till 2021.
The second database includes details of UG 2nd year that has 2,72,070 entries including a variety of data from admission year 2015 till 2021. Third database is based on “Iqbal Conference” which has 196 entries including registration fees and many other details.
Another category titled, “MASTER” has 2509 entries. A database titled “eSolBCABBA” has 57,772 entries including details of membership, payment applications, department contacts, entrance roll numbers, payment form details and many more. A database titled, “Users” has 38,049 entries.
The threat actor has also created a “eSolDataBaseKupwara” that has 57,300 entries with alleged payment details and more. Database titled, “MPharma” has 1,71,139 and “eSolDatabaseDistance2019” has 1,08,229 entries allegedly including roll numbers and payment details.
A database with “eSolDataBase2018” title has 3,87,445 entries and “eSolDataBase” has 3,47,968 entries. A database with tagline “eSolMCME” has 1,69,846 entries.
Pertinently, the breach was spotted by a Twitter user Abhishek Verma who received a confirmation from the admin of the forum “pompompurin”, who said that the alleged database is legitimate.
Talking to Kashmir Observer, Abhishek Verma said that he wasn’t sure about the legitimacy because no database was actually shared. “But the database index caught my attention,” Abhishek said, adding that only Kashmir university can confirm the legitimacy of the alleged data breach.
Pertinently, the database is listed on Breached Forums, the famous hacking forum that came into global limelight earlier this month with a data breach exposing over 1 billion Chinese residents. As per Abhishek, who has also shared the screenshots of the hacked data being put on sale on the platform, the hacker has shared a txt file named “dbs.txt” showing an index of the hacked data.
Data Unmodified: KU
Meanwhile Kashmir University in a statement said that the varsity data was “unmodified and that further analysis is going on in the matter.”
“The alleged breach is being analyzed and as per the preliminary analysis it has been found that the data is unmodified,” a Kashmir University spokesperson said in a statement. “Any breach on data read (which is already accessible in public domain) is being analyzed in-depth and depending upon the analysis, University will take further course of action and take an appropriate legal recourse accordingly,” the spokesperson said.
Speaking to Kashmir Observer, DySP cyber police, Sleet Shah said that the department is yet to receive any complaint from Kashmir University about the alleged hack.
“We ourselves came to know about this hack through media portals. We’ll let you know if there’s any update,” she added.