The University of Hyderabad (UoH), a prominent academic institution in India, finds itself entangled in a cybersecurity challenge as a recent data breach seems to have affected the top management and students of the institution.

Speaking to The Cyber Express, senior faculty members and top management expressed surprise over the University of Hyderabad data breach, which has left students worried over the repercussions.

The university is situated in Telangana, a state in southern India and had recently achieved a prestigious ranking of being among the top 12 per cent of universities worldwide for international students.

Decoding University of Hyderabad Data Breach

The UoH data breach was first reported in the last week of May 2024. A Threat Actor (TA), who used the alias “nik20”, shared a post on the data breach site BreachForums.

The TA claimed to possess a database stolen from the university, allegedly in SQL format, a common database language used by many websites and applications.

What Was Leaked?

• User ID: A unique identifier assigned to each user within the UoH system.
• User Login: The username or credential used by users to access UoH online services.
• Hashed User Password: Passwords are typically stored in a hashed format, a one-way encryption process that makes it difficult, but not impossible, for attackers to decipher the original password.
• User Nickname: An optional field that users may choose to display instead of their full name.
• User Email Address: The primary email address associated with the user’s account in the university. This is a critical piece of information often used for communication and account verification purposes.
• User URL: Potentially a link to a user’s profile page or other online presence associated with the UoH account.
• User Registration Date: The date the user created their account within the UoH system.
• User Activation Key: A unique code used to verify a user’s email address during the account registration process.
• User Status: An indicator of the user’s account status, such as active, inactive, or suspended.
• Display Name: The name a user chooses to be displayed within the UoH system which may differ from their actual name.
• Access to spam and deleted messages’ folders of the users.

The TA shared that few of the users whose accounts were reportedly compromised included the UoH’s Admin, Public Relations Officer (PRO), UoH Herald-newsletter of the university and Vasuki Belavadi- a former dean and professor at the Department of Communications.

The post by the TA also suggested that the database was originally dumped on BreachForums in March 2023. There is a possibility that “nik20” obtained the data from a previous breach that wasn’t widely publicized or that the information is outdated.

University of Hyderabad Database Leak: University Puzzled but Promises Action

When The Cyber Express spoke to stakeholders at the university regarding the data breach, they initially expressed shock but later accepted the possibility of a breach owing to their previous experiences.

A student named Balakrishna, who is currently pursuing PhD at the university, was apprehensive and shared that he was concerned over his research papers being compromised due to the data breach.

However, Sanjay Kumar Sharma, Director, Computer Network Facility, UoH, who is responsible for all technology related undertakings at the institute, was confident that the breach was not alarming as sensitive data was not compromised.

“Previously there was a similar hack in the School of Life Sciences. So there is a possibility of this data being breached too. However, I can assure you that the data that could be breached is not that sensitive since it could only contain research material from students, which is publicly available anyway,” he said.

“We will be constantly checking what is happening. There have been many data breach attempts previously, and our security is such that the attempt was rendered disabled in the initial stages itself. I agree there could be deficiencies and we will keep improving. We will cross-check this data breach and alert all our users. We will not take it casually,” Sanjay added.

User Vigilance Can Help Avoid Cyber Incidents

While the University of Hyderabad investigates the situation, users outside can take cue from this breach and take a few healthy steps to protect themselves. This includes being wary of phishing attempts by hackers, monitoring suspicious links and keeping an eye out for any unusual activity on their accounts, such as unauthorized login attempts or changes to their profile information.

They can also enhance their security measures by enabling Two-Factor Authentication (2FA) and change their passwords regularly.