Every 39 seconds hackers win. By the time you read this article, at least seven victims would have lost their data in some parts of the world. And, there is a good chance one of them would be a university.
Educational institutions have been slow to embrace network security strategies. This might be due to their immersion into scholarly pursuits and hence inherent struggle to find a balance between academic openness and IT security.
This predicament is too lucrative for cybercriminals to turn down. Consequently, 2019 witnessed sophisticated cyber-attacks on various institutions that were completely unprepared. Those incidents revealed vulnerabilities in IT infrastructure in the most prestigious institutions across the world, questioning their trust and reputation.
Here are the top university data breaches in 2019 that shook the cybersecurity world.
Two decades old personal and payroll details hacked.
About 200,000 people were affected by the hacking that took place at the Australian National University. The data breach includes names, addresses, date of births, personal emails, tax file numbers, bank details, passport, and academic records.
Disclosing the identity of these students may have been a part of international espionage to leverage information as the elites of the world study in this institute. Former students are current power brokers, while some of the parents of the current students wield significant influence.
One attack. Three victims.
Hackers broke into Slate, an applicant management software, used by Oberlin College in Ohio, Grinnell College in Iowa and Hamilton College in New York and got access to applicants’ information. The applicants were sent emails, offering them access to confidential information regarding their admission file for a fee.
Each applicant ended up paying more than $3800 for their file. Hackers not only made money, but also got hold of valuable personal data including names, addresses, birthdays, and so forth.
A very expensive breach.
The University of Greenwich had to cough up £120,000 ($160,000) as fine for a security breach which compromised personal data of 19500 students. Interestingly, Greenwich is the first university to be fined under the Data Protection Act of 1998.
Hackers acquired the data from an unprotected microsite dating all the way back to 2004. The microsite was developed by the university to keep data secure. They knew it was a blunder, which is why they never appealed against the enforcement agency's decision.
Social Security numbers and personal health data compromised.
A malware attack on portable hard drives containing confidential patient information was breached. In February of this year, Washington State University (WSU) settled a class-action suit for the data breach that impacted 4.5 million people.
The suit was filed by victims who claimed WSU’s data security was at best ‘questionable’. The hard drives were used to create a weekly backup of research data which went through several handoffs. These exchanges were poorly monitored, causing malware.
Breach exposed data of students and their families.
Personally identifiable information (PII) of 636 students and their families were compromised. This was due to an employee falling prey to a phishing scam. The victims were those who had previously interacted with the employee’s email account.
Personal data of 326,000 patients compromised.
UConn Health is the academic wing that oversees education in medicine, biomedical research, and clinical care. In an unfortunate incident, a hacker accessed employees’ email accounts which compromised patient names, addresses, social security numbers, medical records, and so on.
In fact, UConn Health and its parent body, the University of Connecticut are facing a class-action lawsuit following the data breach that puts the identities of several patients at risk.
University data breaches is a wakeup call for IT admins, tasked with securing confidential information of students, employees and other stakeholders. You need to be a step ahead of hackers to save the university from public embarrassment and expensive lawsuits.
Pulseway lets you remotely monitor and manage your IT infrastructure effortlessly. Be on top of everything happening in your infrastructure and neutralize issues before they can cause any real damage — all from a single pane of glass.
Share on
Check out our recent stories from our blog that our editors selected for you