Trending Now

Menu
Search
Headline
Insights into Common Snapping Turtles: From Behavior to Preservation
DIY Acrylic Nails: A Step-by-Step Guide to Applying Nail Powder at Home
AMD Brings Performance Improvements for Ryzen CPUs to Windows 11 Stable Release – PC – News
The United States won gold in the team relay on the opening day of the mountain bike world championships
The United States won gold in the team relay on the opening day of the mountain bike world championships
ANWB introduces automatic shutdown function against night blocking rates – Image and sound – News
EU to investigate whether Telegram lied about user numbers – IT Pro – News
Rumor: PlayStation 5 Pro to be revealed in September, looks like a ‘Slim’ – Gaming – News
Lenovo Product Manager: Intel Still Working on Arrow Lake Halo Processor – Computer – News
Juridisch adviseur breekt met Shima Kaes om voorgestelde afkoopsom Johnny de Mol
Legal Counsel Splits From Chima Kayes Over Lump Sum Proposed By Johnny De Mol | RTL Street

Details of 60 thousand recoveries on the street after a DUO error

Details of 60 thousand recoveries on the street after a DUO error
science
Courtney Horton

Details of 60 thousand recoveries on the street after a DUO error

News and politics24 Jun 24 06:00Edited on 24 Jun 24 at 11:10authors: Lisane Witschgers and Erik van den Berg

Email addresses of 60,000 people struggling with student debt briefly appeared online due to a data breach at the Education Executive Agency. An ethical hacker discovered the data breach on the evening of May 30 and reported it immediately.

Earlier that day, DUO sent a survey to 60,000 people struggling with student debt, asking them questions about their financial situation. DUO used software from the Swiss company Survalyzer, which turned out to be unsafe. This gave the hacker access to 60,000 recoveries’ email addresses. Because many email addresses contained names, it was often clear who the debtors were.

The National Union of Students (LSVb) is not happy about the refunds being out. “This is very bad and harmful.” (Afghan National Police/Afghan National Police)

“Very bad and harmful”

The National Students Union (LSVb) is not happy about this Outside Of recoveries. ‘This is very bad and harmful. “Whether you have student debt or not is very sensitive information,” says board president Elissa Wehuizen. According to her, many students feel ashamed of their student debt. “There has to be some awareness that people work here.”

Experts warn that the leak could also be exploited by criminals for fraud. “In addition to the email address and maybe the name, you now have a little bit of context about this person and their situation,” says Roos Dijkxhoorn, founder of cybersecurity firm Purasec.

Cooperation with an external party

Dijkxhoorn questions why DUO would share recoveries’ personal data with a commercial party like Survalyzer in the first place. “This might be possible by doing thorough research on the security of such a platform beforehand, but it seems like this kind of sensitive information is handled too easily.” The security expert warns that if this information falls into the wrong hands, it could be used for targeted phishing attacks. The more information available about a person, the greater the chance of success in such an attack.

Data on DUO employees, schools and municipalities are also available

Because DUO conducted numerous surveys using Survalyzer, the email addresses of schools, municipalities, and DUO employees were also publicly available, and ironically also the email addresses of employees of DUO’s Security Operations Center.

The research and data were taken offline on May 31. DUO reported the incident to the Dutch Data Protection Authority (AP). According to the enforcement agency, only the hacker who discovered the leak saw the email addresses.

Survalyzer hired an external security firm to investigate the leak. DUO is also looking into how to prevent these types of incidents in the future.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top