Over 1 Million Students’ Personal Info Exposed on Unsecured Database

Exploit: Data Breach, Misconfiguration
Company: OneClass
Industry: Education
Source: https://www.vpnmentor.com/blog/report-oneclass-breach/

A recent routine Internet scan discovered an unsecured online database that belongs to education service provider, OneClass. Once informed of the situation, the Canadian company acted quickly in response to the leaky database securing it within 24 hours. Although the company had reacted well, the discovery was too late as over 1 million students and rejected membership applicants had their personally identifiable information compromised.

The 27 GB database that was compromised held 8.9 million records including full names, email addresses, schools/universities attended, phone numbers, enrollment data, test results and other account details. While OneClass is stating that no payment or financial information was believed to be affected, there could enough information to build targeted phishing campaigns and sold on the Dark Web.

For anyone possibly affected by the OneClass breach, it may be wise to change their passwords used on other platforms/accounts, monitor financial accounts, and possibly even look into dark web monitoring services over the next few months. Those affected should remain vigilante and be aware of any emails looking to extract further sensitive information.  

Protect Your Business Against Modern Cyber Threats

More than ever, organizations of all sizes have been facing a historical rise in cyber attacks and data breaches. Talk to a cyber security expert today and find out how we can provide expert consulting and a portfolio of Cyber Security solutions designed to protect your organization against today’s most prevalent threats.