Expert Comment On News: Institute Of International Education (IIE) Leaks Student Personal Data With Two Exposed Databases

An interesting story has run on exposed databases.

According to a story in Infosecurity Magazine, a US education non-profit, the Institute of International Education (IIE) has unwittingly leaked the personal information of thousands of students after leaving two online MongoDB databases exposed.

The database contained links with active access token to documents stored elsewhere. These links were to passport scans, application forms, visas, emails as well as other documents. If either database was accessed it could provide a treasure trove of sensitive information for use in follow-on fraud.


EXPERTS COMMENTS
Anurag Kahol, CTO ,  Bitglass
February 17, 2020
Organisations must take the proper cloud security steps in 2020.
Managing students’ medical forms, passport scans, visa documents as well as other highly sensitive data, makes the Institute of International Education an attractive target for cyberattacks. While there is no evidence that the data has been misused, the temporary exposure still opened up a window for threat actors to access the vulnerable data in order to use it to commit identity theft or launc ....
[Read More >>]

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :




In this article