Another day, another data breach: Thai students’ data hacked, sold on dark web
The personal information of over 23,000 students has been stolen as a result of the Thai University Central Admission System being hacked. According to a Bangkok Post report, the security breach has been confirmed by the Council of University Presidents of Thailand. It’s understood the data, which pertains to over 23,000 students who took part in last year’s exams, has been sold on the dark web. It includes names, grades, and identity card information.
CUPT says the stolen data is part of 826,250 files in the TCAS database and was entered into the system during the third round of exams in May of last year. The council believes the files may have been exported by a university employee who would have access to the information in order to rank applicants in accordance with the university’s selection criteria. It has pledged to file a police complaint and take legal action against the person or persons responsible, according to the Bangkok Post.
Amorn Chomchoey from the National Cyber Security Agency has also suggested that the information could have been leaked through human error, if not enough care was taken when exporting the data. According to CUPT, last year’s admissions database was shut down in December, with this year’s version upgraded to offer enhanced protection of student data.
“CUPT apologises for the impact on personal information. In light of the incident, it is reviewing the database and working procedures with the support of the National Cyber Security Agency.”
SOURCE: Bangkok Post