ADVERTISEMENT

Prestigious Russian university puts student data at risk

Bauman University, the second oldest educational institution in Russia, had its internal system exposed, putting student data at risk

Bauman university data leak

By Cybernews

Paulina Okunytė
Paulina Okunytė Senior Journalist
Jun 8, 2023 3 min read
  • Primarily based in Moscow, Bauman Moscow State Technical University is the second oldest university in the country. The university's history and prestige make it a highly sought-after choice among students.
  • A publicly accessible environment file (.env) exposed the university’s sensitive credentials, giving threat actors access to the university’s database and official communication channels.
  • Attackers could’ve exploited the leaked credentials for spear-phishing campaigns, identity theft, fraud, and ransomware attacks.
  • Cybernews contacted Bauman University, and the issue was fixed.

Access to internal systems

ADVERTISEMENT

Hijacking official communication

  • Database credentials
  • SMTP host, username, and password
  • Admin login credentials to the electronic application system for prospective students

Multiple risks

Staying safe

  • Reset the credentials for its databases and application system
  • Change the email address password, choosing a strong and randomly generated password
  • Instruct students and staff on how to recognize phishing emails and what procedures to take when opening certain attachments or emails.
ADVERTISEMENT