Data of Andhra University students, staff on dark web

Vijayawada: In a major cybersecurity concern, the personal data of 46,160 individuals associated with Andhra University has allegedly been compromised and leaked online. The breach reportedly came to light after a user on a dark web cybercrime forum claimed to have posted a database containing sensitive information belonging to students and staff of the university.

According to details shared on the forum, the leaked dataset includes a wide range of personal and academic information.

The exposed records allegedly contain full names, dates of birth, phone numbers, email addresses, enrollment numbers, programme names, father’s names, residential addresses, batch details, and academic validity periods. In addition, links to student photographs and digital signatures were also reportedly part of the data dump, raising serious concerns about identity theft and misuse.

Cybersecurity observers noted that the breach was publicly exposed online on Tuesday, although preliminary indications suggest that the actual compromise may have occurred last month. The delay between the suspected breach and its public disclosure has heightened concerns about the potential misuse of the data during the intervening period.Continued

The leaked information is believed to have originated from the Edusphere Platform, which is understood to be a technology partner providing digital services to Andhra University. Investigators and cybersecurity analysts pointed to the alleged vulnerability of the platform’s website, edusphere.in, whose SSL certificate had reportedly expired some time ago. An expired SSL certificate can make a website more susceptible to cyberattacks, data interception, and unauthorised access if not promptly renewed.

If confirmed, the breach could have serious implications for thousands of students, alumni, and staff members. Experts warn that exposed personal and academic data can be exploited for phishing scams, financial fraud, impersonation, and other forms of cybercrime.

As of now, there has been no detailed official statement confirming the extent of the breach or clarifying the immediate steps being taken to secure affected systems. Cybersecurity professionals emphasise the need for a thorough forensic audit, immediate containment measures, password resets, and enhanced data protection protocols.

The incident underscores the growing vulnerability of educational institutions to cyber threats and highlights the urgent need for robust digital infrastructure, regular security audits, and strict compliance with data protection standards to safeguard sensitive academic records.