We start the week by discovering the news about a security breach that is going to cause a lot of talk. It has just been recognized by the Manager of one of the most important universities in Spain that has suffered a security problem in which the data of students and former students has been exposed.
From the University of Alicante they have sent a message in which they explain how, on April 11, they detected a security breach that could have affected the Alumni system. This means that the personal data of both active students and alumni could have been affected. What else does this incident imply?
Consequences of the attack
The good news is that, as reported by the UA, the team at the head of its Information Security Division detected the incident before the situation got worse. From that moment on, they set to work to minimize the effects of the breach so that the consequences would not be as forceful as they could have been.
However, that does not mean that there are no problems arising from the incident. The data that has been filtered is, as indicated, of an identifying, administrative and contact nature. This implies that, if you have been a student at this university or if you are currently one, your name, your surname, the email address you use with the address @alu.ua.es, your DNI number and other information may have been leaked. as your Alumni service password.
It is specified that, however, it does not mean that, because you are a student or former student, this data has been leaked. It’s possible that you didn’t have this data built into the system, so in that case, you have nothing to worry about. Likewise, it may also arise that the data is outdated, in which case you should not be overwhelmed by the security breach either.
Gap in a secondary environment
This is the most important thing that has happened in the cyber incident that the University of Alicante has suffered. As mentioned, the affected system is not connected to the rest of the UA environment, so the security of the entire university system has not been broken. Furthermore, seeing that there was no obstacle to this, the university has acted quickly by disconnecting the system that suffered the breach.
In the message sent by the University of Alicante they confirm that, in relation to the above, access to UACloud nor to the main UA system has been affected. The data that has been exposed does not provide access to this and therefore does not pose an immediate risk to worry about. But as they report, it is true that this information can be used by cybercriminals with the intention of carrying out phishing or spamming attacks.
For now, the Alumni system will remain offline until an updated version is available. This will allow you to use it again without any fear. However, as recommended by the UA, it is advisable to change the password and also modify it in any other service in which you may be using it. Consider that criminals could cross-reference your first and last name with other online services, try to use that same password and perhaps access other of your accounts. Therefore, it is better to change passwords and be as careful as possible.
In addition to using the double authentication system, you need to be alert to possible suspicious messages you receive. You never know how scammers who could have benefited from access to your data stored on this university’s system may try to trick you.
