The Chinese University of Hong Kong (CUHK) is currently grappling with a significant data breach that has exposed the personal information of 20,870 individuals, including students, staff, and alumni. The breach was first detected on June 3, 2024, prompting swift action from the university to investigate the incident and identify the responsible parties.
Established in 1963, CUHK is renowned as one of the top research universities in China. The cyberattack targeted the School of Continuing and Professional Studies (CUSCS) at CUHK on June 1, 2024. Following the discovery of the breach, CUSCS initiated an investigation on June 3 with the assistance of an information technology security consultant. The investigation revealed that the university’s Moodle learning management system had been compromised by hackers.
Moodle is an open-source platform used for creating customized online learning environments for educational institutions. The breached data from CUHK included the names, email addresses, and student numbers of 20,870 individuals associated with Moodle accounts at the university. Despite assurances from university officials that the sensitive information was not publicly disclosed, it was discovered on the dark web domain BreachForums.
A threat actor known as “Valerie” claimed responsibility for the data breach and announced intentions to sell the stolen data. The actor stated that a portion of the data had already been sold to a private entity that financed the breach, while the remaining data was made available for public purchase. To validate the authenticity of the data, samples were provided by the threat actor, containing detailed personal information of the victims.
In response to the breach, CUHK took immediate action by deactivating affected accounts, resetting passwords, and enhancing security measures on its online platforms. Additionally, the university reported the incident to local law enforcement authorities and the Office of the Privacy Commissioner for Personal Data (PCPD) in compliance with established protocols. A crisis management team was also established to assess the risks and manage the repercussions of the breach.
This cyber incident marks the latest in a series of attacks targeting educational institutions in Hong Kong. Prior to CUHK, the Hong Kong Institute of Contemporary Culture and Union Hospital had also experienced ransomware attacks, leading to data leakage and operational disruptions. The increasing frequency of cyberattacks on institutions underscores the pressing need for robust cybersecurity measures and diligence in safeguarding sensitive information.
As investigations into the CUHK data breach continue, both the university and relevant authorities are working to identify the perpetrators and mitigate the impact on affected individuals. The incident serves as a stark reminder of the evolving threat landscape in cyberspace and the importance of vigilance in defending against malicious actors seeking to exploit vulnerabilities for personal gain.