Data of the students applying for the admission hacked in 3 U.S. Colleges

Three colleges across United States were hacked, and the hackers are now seeking ransom to hand over the information.

In recent times, Hamilton College in New York, Ohio's Oberlin College, and Grinnell College based in Iowa were targeted by the hackers who stole data of the students applying for the admission to these colleges, as per The Wall Street Journal. Staff members of the college were duped by the hackers, who got their passwords. Soon after, the hackers took control of the databases that have student applicant information.

The hackers who stole data are now demanding ransom of one bitcoin - traded currently at around $3,800 - from the students to regain their "entire admission file" that contains admissions department comments, teacher recommendations, and more.

As per The Wall Street Journal, all the 3 colleges are using a platform known as Slate, a famous software system, from the Technosolutions to manage the admissions processes. Once the hackers access the college networks after gaining passwords, they reportedly targeted Slate software that is running on college networks and then obtained the data. The Slate software is used by over 900 universities and colleges worldwide. Alexander Clark, Technolutions chief executive, said that they have not heard of any other affected colleges.

In an interview, Clark has told the Journal that the company is in touch with all this three colleges after hacking. Clark added that he has requested they "review the security practices of their single sign-on and password reset systems".

The hack has followed a script that is often used by the hackers to have access to the sensitive data. A phishing e-mail was first created by the hackers to dupe the users into believing that it is legitimate, then get somebody to unknowingly provide the credentials, and finally steal the data. Moreover, the Single-sign on in these incidents paves way for the hackers to steal the data by only gaining access to a password. Now-a-days many security experts suggest people to use the two-factor authentication system, which includes entering a password along with a code that was sent to their smartphones or e-mail for verifying their identities.

In interviews with Journal, the three colleges said that the matter is getting investigated and they are informing the affected students.

» SPAMfighter News - 3/29/2019