CySecurity News – Latest Information Security and Hacking Incidents
More than 100,000 files including student records from the British Council were discovered online. A cybersecurity firm uncovered an unsecured Microsoft Azure blob on the internet, which revealed student names, IDs, usernames, email addresses, and other sensitive information. The British Council, founded in 1951 in London, is a British organization that promotes worldwide cultural and educational possibilities. It works in over 100 countries to promote cultural, scientific, technological, and educational interaction with the UK as well as a better understanding of the UK and the English language.
Clario, a cyber security firm, and security researcher Bob Diachenko discovered the breach on December 5th, 2021, and immediately contacted the British Council. According to the researchers, a public search engine identified an insecure Azure blob container containing hundreds of readable Excel spreadsheets and XML/JSON files. Personal information of hundreds of thousands of learners and students of British Council English courses from throughout the world was contained in these files. The researchers note that it is unclear how long this content was available to the public online without authentication.
The British Council issued a statement about the incident on December 23rd, “The British Council takes its responsibilities under the Data Protection Act 2018 and General Data Protection Regulations (GDPR) very seriously. The Privacy and security of personal information is paramount. Upon becoming aware of this incident, where the data was held by a third-party supplier, the records in question we
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: