Hackers outsmart Oxford Uni career progression platform – student data potentially compromised
- Oxford’s CareerConnect platform breached via GTI vulnerability
- Names, emails, and some encrypted passwords exposed
- Alumni and employers forced to reset passwords; phishing risk expected
Hackers recently broke into a careers platform used by Oxford University and stole users’ contact information.
The platform is called CareerConnect, it is a central hub where students, graduates, employers, and career advisers can find things like job listings and employer profiles. It is developed by a company called GTI, on a technology called targetconnect.
In a press release published last week on the Oxford University Careers Service website, it was said that in the last days of May, an unauthorized third party used a security vulnerability to access users’ first names, last names, and email addresses. For users who do not sign in using the Single Sign-On (SSO) feature, encrypted passwords were stolen as well.
Passwords invalidated
“Students use their SSO to sign in to...
Copyright of this story solely belongs to techradar.com. To see the full text click HERE
