Article Lead Image

Photo via Steve Cadman/Wikimedia

Hack exposes 1,500 University of Cambridge student and employee passwords

‘We are in the process of notifying affected users.’


Patrick Howell O'Neill


Hackers successfully hit the University of Cambridge’s Cambridge Schools Classics Project website this week, exposing the email addresses and cleartext passwords of over 1,500 students and employees.

The contents of the breach were released freely online earlier this week. On Thursday, a University of Cambridge spokesperson confirmed the incident to the Daily Dot.

“We are aware of a data breach,” the spokesperson said. “Email addresses and passwords of people registered on the Cambridge Schools Classics Project website have been accessed without authorization. We are in the process of notifying affected users.”

It’s not clear how the breach took place or why the passwords are available in cleartext rather than in an encrypted format that would add greater protections for users.

The breach of a relatively small educational website is, on one hand, no big deal. On the other hand, one successful hack can act as a contagion that can spread to other parts of a victim’s online life.

Most people reuse passwords and don’t utilize additional security on their online accounts. Hackers check across social media and then beyond, such as on financial websites, to see how far that single password can take them.

To protect your online life, there are several solid steps that anyone can take to increase security.

Never reuse passwords. Instead, use password managers to create strong, unique passwords. That way, if you’re ever a victim of a hack like this, you don’t have to worry about any of your other accounts.

Turn on additional security like two-factor authentication, which often requires use of your mobile phone if a sign-in takes place from a new location, like a hacker’s computer. Services like Facebook, Twitter, Gmail, and more offer easy options just like this.

Read more about how to protect yourself here.

The Daily Dot