Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Children's Data. Show all posts
Student Data
Appscook Children's Data Data Breach Digital Ocea Personal Data Student Data

Appscook Data Breach: App Used by Hundreds of Schools Leak Children’s Data


In a recent investigation, a team of security researchers from cybersecurity firm Cybernews found that IT company Appscook – which develops applications used by more than 600 schools in India and Sri Lanka for academic management – leaked a startling quantity of private information, including birth certificates, home addresses, and images of minors.

Nearly a million confidential data were stored in a DigitalOcean storage bucket that was accessible to everybody without the need for authentication. Given that the majority of the compromised files reveal children, leaking private information online in this instance is extremely dangerous.

The stolen data included:

  • Students’ names
  • Names of parents
  • Pictures of students attending pre-primary, primary, and secondary schools
  • Names of the schools' children attend
  • Birth certificates
  • Fee receipts
  • Student report cards/exam results
  • Home addresses
  • Phone numbers

The company's 96 school-specific apps are designed to facilitate online learning and allow parents and schools to communicate directly about their child's daily activities and academic progress. Over a million parents and over half a million pupils use the platform, according to the company's website.

Cybernews attempted to contact Appscook over the issue, but did not receive any response. 

A Major Threat to Students

The data leak has raised concerns over the possible exploitation of the personal information by the cyber criminals. The disclosure of personal details, including home addresses and images, raises the unsettling possibility that unscrupulous individuals may try to coerce parents out of their children by taking advantage of their vulnerability.

According to Vincentas Baubonis, Information Security Researcher at Cybernews, “The leaked data about minors could have dire consequences, as this information can put children at physical risk by revealing their daily whereabouts. It can also be used by someone with malicious intent to impersonate school officials or manipulate children and parents.” 

Threat actors could use the compromised personal information for identity theft, fraud, and targeted phishing attacks against the parents of these children, even though children might not be as vulnerable to digital fraud as adults are.

However, in the worst-case scenario, this data breach can increase the risk of child abuse. The researcher claims that uploading photos of kids online can draw unwelcome attention, even from predators.  

Read more »
Subscribe to: Posts (Atom)