cyber Breach

University of Düsseldorf

Oct 4, 2023 1 min read
University of Düsseldorf

The data of Heinrich Heine University Düsseldorf (HHU) has been stolen.

4,500 HHU members' personal information were stolen from a previous university service provider.

Names, email addresses, and, in about 800 cases, so-called password hashes, are all contained in them.

The number of persons affected who must take action is minimal because the data is approximately six years old but was just recently disclosed on the dark web.

The server of a former IT service provider has been identified by university IT experts as the data's source; the vulnerability was quickly patched.

Source: https://www.hhu.de/die-hhu/presse-und-marketing/aktuelles/pressemeldungen-der-hhu/news-detailansicht/daten-von-hhu-angehoerigen-im-darknet-aufgetaucht

TPRM report: https://scoringcyber.rankiteo.com/company/heinrich-heine-universitat-dusseldorf

"id": "uni35214823",
"linkid": "heinrich-heine-universitat-dusseldorf",
"type": "Data Leak",
"date": "02/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': 4500,
                        'industry': 'Education',
                        'location': 'Düsseldorf, Germany',
                        'name': 'Heinrich Heine University Düsseldorf',
                        'type': 'Educational Institution'}],
 'attack_vector': 'Server Vulnerability',
 'data_breach': {'number_of_records_exposed': 4500,
                 'personally_identifiable_information': ['Names',
                                                         'Email addresses'],
                 'type_of_data_compromised': ['Names',
                                              'Email addresses',
                                              'Password hashes']},
 'description': 'The data of Heinrich Heine University Düsseldorf (HHU) has '
                "been stolen. 4,500 HHU members' personal information were "
                'stolen from a previous university service provider. Names, '
                'email addresses, and, in about 800 cases, so-called password '
                'hashes, are all contained in them. The number of persons '
                'affected who must take action is minimal because the data is '
                'approximately six years old but was just recently disclosed '
                'on the dark web. The server of a former IT service provider '
                "has been identified by university IT experts as the data's "
                'source; the vulnerability was quickly patched.',
 'impact': {'data_compromised': ['Names',
                                 'Email addresses',
                                 'Password hashes']},
 'response': {'remediation_measures': ['The vulnerability was quickly '
                                       'patched']},
 'title': 'Data Breach at Heinrich Heine University Düsseldorf',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Server vulnerability of a former IT service '
                            'provider'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.