Security News > 2020 > July > e-Learning Platform OneClass Exposed Data on Students, Lecturers
An Elasticsearch database pertaining to e-learning platform OneClass was found to expose data on over one million students and lecturers, vpnMentor reveals.
Collected prior to 2019, the data included personally identifiable information and educational data.
"However, during our investigation, we had used publicly available information to verify a small sample of records in the database. Taking the PII data from numerous records, we found the social profiles of lecturers and other users on various platforms that matched the records in OneClass's database," vpnMentor says.
"It's also possible that some of the data belongs to minors, as OneClass includes resources for high school students and accepts users from 13 years old and above," the security firm says.
The exposed information, vpnMentor says, could prove a boon for phishers and other threat actors, assuming that the database was accessed by malicious hackers during the time it was exposed.