The names, contact numbers, and other personal information of around 130 unvaccinated students at California State University (CSU) – Chico have been posted on an anonymous internet message board without the consent of the people involved.
The apparent data breach was detected in an article about filing religious exemptions to a COVID-19 vaccine mandate, according to a report by the Sacramento Bee. A commenter shared a link to a spreadsheet containing the detailed explanations of those requesting vaccine exemptions.
The leaked document shows that almost half of the requests were approved by school administrators, while many appeals were denied and resubmitted for approval.
CSU – Chico is requiring employees and students to get COVID-19 vaccinations before attending in-person classes in the fall. However, the school clarified that it is willing to grant exemptions for medical or religious reasons.
Investigation Under Way
The spreadsheet allegedly revealed those requesting vaccine exemptions include NCAA athletes, incoming students, and residents of university dorms.
The report also stated that most of the 130 students cited “Christian beliefs” as the reason for not wanting to be vaccinated. One student was even approved because they believe the vaccines are “unclean,” comparing them to food not sanctioned by Jewish law.
Furthermore, several students said they believe in healing through prayer. Sacramento Bee reports that these petitions were approved by the university, citing the leaked spreadsheet.
According to CSU – Chico public relations manager, Andrew Staples, the university is aware of the leaked spreadsheet. CSU is investigating what and who caused the breach. He also said the school is “taking a number of proactive steps to protect students’ confidential information.”
Colleges Bracing for Cyberattacks
Many academic institutions in the country recognize that cybercriminals have stepped up attacks to extort vulnerable schools for profit, according to a report by The Hill.
As in-person classes recommence, these institutions are reportedly preparing for possible ransomware attacks, phishing emails, and identity theft, especially amid rising cybersecurity breaches in the US.
“It’s directly tied to back-to-school, and I think there is somewhat of a preparation dynamic going on. There is this motion to seed schools with malware in preparation for major cyberattacks down the road, and I think that’s why we see it in July as these schools get back up and running,” a spokesperson from cybersecurity group Check Point Software told the Washington-based media firm.