SECURITYTHE REGISTER
UK school’s network left wide open for invasion, student found
A UK school's network was found to have severe security vulnerabilities, including unauthenticated access to Active Directory domain controller tools and cleartext admin passwords stored in description fields. A 17-year-old student discovered these flaws, gaining access to sensitive data, staff/student information, and systems like Google Workspace and LanSchool, but chose not to exploit them.
Mentioned
Related Signal
Adjacent reporting
- Hackers deface school login pages after claiming another Instructure hack
- Hacked educational platform partially restored for millions of students
- Canvas is down as ShinyHunters threatens to leak schools’ data
- Oxford Uni student data pwned yet again - this time via career platform breach
- The Canvas Hack Is a New Kind of Ransomware Debacle