© 2022 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Cyber-college falls for password-hacking scam

A university that offers cybersecurity degrees has suffered the embarrassment of being hacked itself, exposing the records and credit card details of thousands of past and present students.

Deakin University in Australia issued a notice on its blog saying it “became aware of an incident in which a staff member’s username and password was hacked and used by an unauthorised person to access information held by a third-party provider.”

The attack was carried out on July 10, in which a threat actor impersonated the third-party contractor – commissioned to contact students regarding university-related matters via SMS – to send bogus messages containing a phishing link to nearly 10,000 victims.

“Anyone who clicked on the link was taken to a form which asked for additional information including credit card details,” said the university. “In addition to sending the SMS, the unauthorised person downloaded the contact details of 46,980 current and past Deakin students.”

The harvested details included student names, IDs, mobile numbers, university email addresses, and “special comments including recent unit results.”

Deakin says it has contacted the authorities in the state of Victoria, Australia, and put a stop to the scam messages, though at the time of writing the attacker has yet to be identified or apprehended.

On its website, Deakin advertises its cybersecurity course thusly: “Study at Deakin and gain the skills to understand cyber issues and ways to identify, diagnose, and resolve these challenges.”

It adds: “The professional experience you gain ensures you’ll be well-armed to apply your learning in the workplace and deal with imminent threats and challenges emerging from the digital space.”

More from Cybernews:

Most Common Passwords 2022 - Is Yours on the List?

Tech startup CTO: nobody likes passwords

Are passwords obsolete?

"Issue is out of control": 24 billion passwords leaked on the dark web

Fortune 500 companies' passwords can be hacked in a second

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked