Did a threat actor lie about orchestrating a data breach containing sensitive data about 8,000 students and faculty of a university in India? VIT Bhopal, the university in question, says so and has shared proof with The Cyber Express debunking the hacker’s claims. The university also felt that the hacker’s failed attempt to carry out a cyberattack was only to “garner attention and notoriety.”
What Was VIT Bhopal Data Breach Claim?
VIT Bhopal was established in 2017 and is a deemed university located on the outskirts of Bhopal, the capital city of the state of Madhya Pradesh. The institution is authorized by the University Grants Commission (UGC), which is a statutory organization of the Government of India for the maintenance of standards of teaching, examination, and research in university education.
VIT Bhopal ranks among the top universities in India. As per the National Institutional Ranking Framework (NIRF) Ranking, it stands in 65th position amongst all the universities in India.
On June 10, 2024, a threat actor, operating under the name “lucifer001,” claimed on the notorious data breach site BreachForums that they had carried out a cyberattack on the university’s website.
According to the post, the threat actor shared screenshots and claimed to possess the following information:
- ID: Unique Identification number assigned to each student and faculty member of the university.
- Username: Login credentials of all the stakeholders used to access university portals, maintain and share records, post newsletters, and research materials confined to the institution.
- Full name: First and last name of the students and faculty of VIT Bhopal.
- Email: Email addresses of stakeholders, which is the official mode of communication for announcements, course materials and student-faculty interactions.
- Password: To access personal accounts and university resources.
- User Activation Key: A unique code allegedly required for initial account activation or password resets.
VIT Bhopal Refutes Data Breach Claim
The university responded to the data breach claims and said that the information shared by the cyberattacker was to “gain attention and notoriety through dubious and illegal methods.”
Sharing a point-by-point explanation debunking the claims, Dr G Vishnuvarthanan, Assistant Director, Centre for Technical Support, VIT Bhopal University, said, “I would like to provide some invaluable findings and suggestions from our end, which need to be treated as a rebuttal.”
After an internal investigation, the university found that the hacker only “leaked insignificant” info from a dummy Application Programming Interface (API), which was not protected.
“It is crucial to clarify that the alleged breach involved a dummy API endpoint, intentionally open for various third-party integrations with the university’s website. This endpoint contains only dummy data, designed explicitly for testing and integration purposes, and does not include any real or sensitive information,” Vishnuvarthanan explained.
He then went on to clarify that in its investigation of the data breach claim, the university found that the hacker accessed only eight rows of dummy data, which contained nothing of significance.
“VIT Bhopal University takes data security very seriously. Upon learning of the alleged breach, the university immediately conducted a thorough review and investigation. Despite our confidence in our security measures, we verified that only 8 rows of dummy data from the dummy API were accessed. This data has no significance and was part of the publicly available integration tools,” Vishnuvarthanan said.
The University stated that it follows industry-standard data security practices and tools to ensure the safety of student and faculty data.
He ascertained the university’s commitment to data security based on four core practices:
- Regular Security Audits: Conducting periodic security audits to identify and address potential vulnerabilities.
- Advanced Encryption: Utilizing advanced encryption techniques to protect data at rest and in transit.
- Access Controls: Implementing strict access controls to ensure that only authorized personnel can access sensitive information.
- Incident Response Plan: Maintaining a comprehensive incident response plan to swiftly address any security incidents.
Cyber Attack Threat: A Challenge to Digital Assets
While the VIT Bhopal data breach claim turned out to be a hoax, cyber threats around the globe is a matter of concern, and are continuing to evolve in sophistication and scale. It is not just organizations but consumers too who face an ever-growing challenge to safeguard their digital assets.
To brace this challenge, Cyble, a leading force in AI-based cybersecurity, recently unveiled AmIBreached 3.0, its dark web engine.
What is AmIBreached?
AmIBreached 3.0, developed by Cyble offers advanced tools to identify, prioritize, and mitigate dark web risks. This comprehensive platform accesses over 150 billion records from breaches, hacking forums, and discussions, providing organizations with critical insights into hidden threats. With real-time monitoring and actionable intelligence, AmIBreached 3.0 helps organizations and individuals proactively address and manage emerging cyber threats efficiently.