An unidentified hacker infiltrated the online student portal of San Beda University (SBU) and accessed all personal information of students, which were released online.
According to SBU, the hacker gained access to the following personal data:
- Full name of students, guardians, and faculty
- Birthday of students
- Addresses of students and guardians
- Passwords and email addresses
- Contact numbers of students and guardians
- Student grades
- Student identification number
- Student course
- Previous schools attended by student
- Statement of accounts
SBU shared that the hacker got through the system set up by the third-party company that SBU had hired for their student portal, Princtech Company.
To address the problem, SBU reached out to the National Bureau of Investigation and the National Privacy Commission to investigate the breach and track down the hacker responsible.
SBU also demanded Princetech to explain the development, hiring IT experts to audit the system and recommend a redesign.
SBU expressed apologies and promised to protect the data of its community.