;

Teen Tells DEF CON How He Hacked Millions of Student Records From Popular Education Software

Teen Tells DEF CON How He Hacked Millions of Student Records From Popular Education Software

During Demirkapi’s freshman year, a mixture of boredom and aimless ambition led he to start investigating the companies’ interfaces. In Blackboard’s Community Engagement software alone, he was able to access records for roughly 5 million students, everything from their phone numbers to their class schedules, by exploiting common bugs like “so-called SQL-injection and cross-site-scripting vulnerabilities,” Wired reported. He found similar bugs in Follett’s Student Information System, including student passwords that some genius left unencrypted for any fledgling security researcher like him to see.

“The access I had was pretty much anything the school had. The state of cybersecurity in education software is really bad, and not enough people are paying attention to it, said Demirkapi according to Wired’s report.

admin

Read Previous

Amazon and Capital One face lawsuits after massive hack affects 106M customers

Read Next

Feds Issue Warning About Mass-Shooting-Related Scams, Malware

Leave a Reply

Your email address will not be published. Required fields are marked *