Friday, September 17, 2021
HomeSchoolsData of 62 Colleges Breached Due to Software ‘Vulnerability'

Data of 62 Colleges Breached Due to Software ‘Vulnerability’


A vulnerability in Ellucian’s Banner software used by colleges for their admission and enrollment processes was being used by hackers to access private data of students, the Federal Student Aid Office of the Department of Education said in an alert.

At least 62 colleges and universities across the United States have reported a breach in their systems. The Education Department said that the attackers used previously identified vulnerability in the Ellucian Banner system to breach the admissions and enrollment section of the affected system and created thousands of fake student accounts.

The Department noted that the vulnerability only occurs in Ellucian Banner Web Tailor versions 8.8.3, 8.8.4, and 8.9 and Banner Enterprise Identity Services versions 8.3, 8.3.1, 8.3.2, and 8.4.

“Criminal elements have been actively scanning the internet looking for institutions to victimize through this vulnerability and developing lists of institutions for targeting with this exploitation,” the alert said.

“It has been reported that at least 600 fake or fraudulent student accounts were created within a 24-hour period, with the activity continuing over multiple days resulting in the creation of thousands of fake student accounts. Some of these accounts appear to be leveraged almost immediately for criminal activity.”

Institutions that use the banner system have reported that it affects various aspects of the academic administration, including the administration of student financial aid, which has concerned the Department fearing that its data could also be at risk.

Meanwhile, Ellucian denied the link between the breach and vulnerability in its system and reported it had already released a patch in May, which makes it nearly impossible to breach student or institutional data.

“Patches for this vulnerability were issued by Ellucian on May 14, 2019, and are included in all subsequent roll-up software releases,” Ellucian statement reads.

“The patched vulnerability is extremely difficult to exploit and unlikely to occur outside of a laboratory setting.”

Colleges At Increased Risk of Cyber Attacks [Report]

You Might Also Like

Latest Posts

Petition to Remove ‘Racist’ Albion President Gathers Momentum

An online petition to remove Albion College President, alleging that he has neglected several cases of racism and harassment on campus, has received 1,500 signatures so far.

Alabama to Raise $1.5 Billion for Scholarships, Athletics

The University of Alabama has officially unveiled the “Rising Tide Capital Campaign” to raise $1.5 billion by 2026 to support major campus improvements.

Central Florida Opens Peer Mental Health Support System

The University of Central Florida has launched a mental health support system for college students struggling during the COVID-19 pandemic.