The personal information of thousands of TU/e students has fallen into the hands of cyber criminals after the IT company supplying the pass system to the school was hacked. Employees of the university and companies on campus are also among the victims. In total, the data of 21,000 pass-holders is at stake.
RTL News reports.
The files captured by hackers contained students’ full names, private email addresses, residential addresses, birthplaces, student numbers and pass numbers. That data was published on the dark web, the hidden part of the internet. According to a university spokesperson, the data cannot be directly misused. For example, malicious parties cannot gain access to data or TU/e buildings. However, there is a danger that hackers could use the captured data to scam people by e-mail.
Dave Maasland of ESET Netherlands (an internet security organisation) says “If you receive an e-mail on behalf of the school or another authority, in which they can mention your pass number and other data, you are more likely to click on a link. It’s all about combining data. The more you have, the more reliable a scam email looks.”
More data on the street than expected
Initially, the IT company ID-ware, which also supplies the access system to the Senate and House of Representatives, thought that only 1,800 passes had been captured by the criminals but it turned out to be more, namely 21,000. There is a chance that more datasets are on the streets, but this is still being investigated. All those affected have received an e-mail from TU Eindhoven.
Translated by: Simge Taşdemir