CloudSEK CTI Team has discovered a data leak that contains the sensitive information of over 200,000 students who had appeared for CAT 2019, the principal entrance exam for MBA admissions in India.

 

Discovery of the leak

CloudSEK’s Cyber Threat Intelligence Team (CTI) discovered a post, on a database marketplace, advertising PII of more than 200K students who had appeared for the Common Aptitude Test [CAT] Exam of 2019, in India. 

The post was published on 17 Sep 2020 at 03:05 PM (IST). The poster claims to have 200,000 students’ records, in clear text format. Records shared by the actor are relevant to the year 2019. 

 

The contents of the leak

The sample records has the following schema’: 

• Applicant Name
• Email Address
• Mobile No
• Father Name
• Category
• State
• Town/City
• Pincode
• Total Percentile
• HSC/Diploma Complete Aggregate Marks
• Bachelor Degree One – Completed
• Bachelor Degree One – Name
• Bachelor Degree One Discipline
• Bachelor Degree One – Complete Aggregate Marks
• Bachelor Degree One – Duration

 

Data verification and validation 

Using public sources we were able to verify the leaked data. 

 

Impact 

• PII including email addresses and phone numbers have been exposed as a result of this breach.
• Threat actors can misuse Personally Identifiable Information to carry out social engineering activities, phishing attacks, or even identity theft.
• This breach will let unauthorized personnels to view a candidate’s academic details along with their test scores.
• Source of this leak is still undisclosed; if the technical vulnerability that caused the leak persists, then such attacks would happen again unless it is patched.