Attacker did not redact the information correctly when leaking the personal information.
Over one million students' personal data were leaked following the hijacking of the New York University's website.
According to The Record, included in the applicant data were individuals' full names, addresses, phone numbers, email addresses, and grade point averages, among other information.
Zack Ganot, who helps run DataBreach.com, said the hacker did not redact the information correctly and leaked the personal information. Ganot has added the stolen data trove to his website after the incident was revealed by NYU's school newspaper to have compromised extensive information from applicants dating back to 1989.
Such an intrusion, which involved the defacement of NYU's homepage, was claimed by a "Computer Niggy Exploitation" hacker to have been conducted in response to the removal of affirmative action nearly two years ago, a move which Ganot regarded to be "reckless" despite the hacker's efforts to reveal illegal discrimination.
Computer Niggy Exploitaiton was previously linked to an attack against the University of Minnesota, which resulted in the theft and exposure of 7 million current and former students' Social Security numbers.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
