• Oxford’s CareerConnect platform breached via GTI vulnerability
• Names, emails, and some encrypted passwords exposed
• Alumni and employers forced to reset passwords; phishing risk expected

Hackers recently broke into a careers platform used by Oxford University and stole users’ contact information.

The platform is called CareerConnect, it is a central hub where students, graduates, employers, and career advisers can find things like job listings and employer profiles. It is developed by a company called GTI, on a technology called targetconnect.

In a press release published last week on the Oxford University Careers Service website, it was said that in the last days of May, an unauthorized third party used a security vulnerability to access users’ first names, last names, and email addresses. For users who do not sign in using the Single Sign-On (SSO) feature, encrypted passwords were stolen as well.

Passwords invalidated

“Students use their SSO to sign in to CareerConnect which means their passwords are not affected,” the announcement reads. “Only names and e-mail addresses would have been acquired in the breach.”

GTI said that alumni, research staff, and employers, were using CareerConnect with a password set locally, and since these were most likely compromised, GTI invalidated them. These users will be asked to set a new password on their next login.

“There is no evidence that course information, uploaded files, appointment information, or financial information were involved in this incident,” the announcement further reads. “GTI has stated this breach appeared to be focused on gathering credentials which may lead to phishing attempts.”

The breach happened in the third-party system, Oxford said, stressing that there is no evidence of compromise to University systems. Students’ passwords, as well as financial information, are most likely not affected.

The identity of the attackers, or the number of victims, have not been disclosed. We don’t know if the crooks attempted to extort the university. GTI has since confirmed that the bug was fixed, and that “additional security measures” have been introduced to prevent similar occurrences in the future.

Via The Register

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.