An online mathematics resource with a huge Australian user database appears to be behind the large-scale data leak touted online as a data set which belongs to the Australian Department of Education. The Chief Technology Officer at cyber security intelligence company Hudson Rock, Alon Gal says the dataset belonged to the Australian Department of Education, which does not exist.
Images of the dataset falsely appear to contain data of an unknown number of individuals, including with wa.edu.au and vic.edu.au email addresses. The leak also contained the names and hashed passwords of the individuals.
Actor hacked and dumped the Australian department of education’s database containing 1,000,000 records of students, teachers, and staff.
The leak contains information such as emails, names, and hashed passwords. pic.twitter.com/MmewoWPuWE
— Alon Gal (Under the Breach) (@UnderTheBreach) September 1, 2020
More on the Australian education data leak
On 1st September, Gal said on Twitter that the hacked dataset has about 1 million records of teachers, students and staff. But by the afternoon of 2nd September AusCERT (Australian Computer Emergency Response) team had traced the suspected source for the data leak, which it said was not a government agency.
Working with Cosive, AusCERT found substantial signs that the leaked data is a re-publish of a dataset published in March 2020 or earlier and relating to a service called K7Maths. K7Math is an online database maths resource which has more than 100,000 teachers across the globe making use of it in the classrooms. The Transport Layer Security (TLS) on the site of K7Math also correlates with what appears to be their Australian presence, said AusCERT.
AusCERT on K7Math and the data leak
Long story short, AusCERT denies that the hack ever took place and says it is likely that the data came from an exposed Elasticsearch instance. AusCERT thinks that the only personal information in the leak is countries and email addresses, which would most-likely not count as a notifiable data breach.
However, the cyber response team says their investigation is incomplete and adds that the compromised password hashes are harder to crack than usual as they use the algorithm of standard bcrypt.
The non-profit organization has now urged Australian schools to check if their teachers and staff members use K7Maths and take appropriate measures like resetting the student and teacher passwords. It also suggested staff accounts to monitor and keep an eye on suspicious login attempts in case their account is compromised.
For more updates and latest tech news, keep reading iTMunch