"University Admission Platform Exposed Student Passports"

The popular university admissions platform called Leverage EDU leaked nearly 240,000 sensitive files, including passports, financial documents, certificates, and exam results. The Cybernews research team discovered that Leverage EDU's misconfiguration of systems led to the leak of sensitive information. Since no authentication was required, anyone could access an impacted student's information required for university applications. Leverage EDU is an admission platform for students who wish to study abroad. It claims to have a global network of over 650 educational institutions and 80 million users. Cybernews researchers discovered a misconfigured, publicly accessible Amazon S3 bucket on January 31. The bucket had numerous zip folders containing nearly 240,000 files with sensitive data and Personally Identifiable Information (PII) belonging to prospective students. A malicious actor could have used the exposed information to commit identity theft and fraud. A data breach of this magnitude allows criminals to craft spear-phishing attacks and target individuals with greater specificity, placing their financial and other accounts at risk. This article continues to discuss the exposure of sensitive information by the university admission platform Leverage EDU. 

Cybernews reports "University Admission Platform Exposed Student Passports"