Punjab University’s Female Students Data Hacked and Sold On Deep Web
Punjab University is Pakistan’s one of top ranked and oldest institute. Recently it was revealed that personal data of the students was sold on Deep web. Many of you must be pondering over the term ”Deep Web” let me explain this to you in simple words that, Deep web is a kind of network that is operated through special browser e.g. TOR. These browser have specific URLs that does not appear in simple search engine and they can not be accessed through simple browsers you are using, Since the creation of the cryptocurrency ”Bitcoin” in 2008 it was not very commonly used to make purchases. One Bitcoin was priced in 2008 at 0.008 $ approximately.
In 2012 when I came to know about the Bitcoin it was priced at 10 $ or more. Suddenly the price of this currency started to gain increase and today one Bitcoin is priced at around 5000 USD. That makes a sense that why the cryptocurrency gained so much popularity and one of potential income source for some people. As I was explaining about the Deep web a common user does not know what kind of stuff is available on this network. Most of the illegal items, credit card details, Paypal accounts, Fake identities, Weeds, weapons and pornographic content including Child pornography, Pedophiles are available on Deep web. In order to purchase something on Deep Web cryptocurrency is being used as safe transaction process. This explains why your data is valued on Deep Web.
Recently it was revealed that Data of female student of Punjab University was sold on Deep Web. Many of the news agencies are claiming that Data included pictures , videos and Identity information including ID numbers, Phone numbers. emails and even Home address. But that does not explain that why would someone want to have your Data? Who could be the buyer’s of this data? May be blackmailers, Criminals, Spamers, Fake ID makers, abductors or even it could be used for Marketing purposes.
Now question rises that, How the data got into the wrong hands in first place?
Its not a big deal for hackers to hack a system and hack your data but, what could be more simple than that? In current scenario Personal data at organizations is not being handled carefully or may be its an un-avoidable thing to do? Now days many organizations and institutes are running online admission service portals as well as list of the successful candidates is being displayed online to ease the candidates. Only with a single click you can download list of all the candidates that appeared in test, interviews, admitted etc. You may be concerned with your own name in the list but what about those Ten (10) to hundred (100) pages document that contains information about other candidates also.
What could be done to avoid such a mess with a sensitive data?
Basically it just needs to be protected by login or lock with specific codes that allows you to access that information or authorized person to view it. Many of you have experienced such type of protection on your data when you apply for a test and want to know you result that ask you to put the ID that has been assigned to you, and you can only get what is required.
Data should be handled carefully with complete responsibility of protection against un-authorized access. Its not a big deal to avoid such incidents to happen in future. We must change the way of handling data. It would require more technically sound persons for such kind of jobs.
My perspective may be different from others.