A threat actor goes by the name of Team Mysterious Bangladesh, claimed to have compromised the Indian Central Board of Higher Education (CBHE) systems.
The threat actors would have stolen PII, including names, Aadhaar numbers, Indian Financial System Codes (IFSC codes), and other details of numerous individuals.
The group leaked the information about students from 2004 to 2022. The actor shared a snapshot of the data for a student.
The threat actors gained unauthorized access to the admin panel, enabling them to compromise the data for CBHE Delhi, India. Additionally, a directory of the domain was compromised by the hacktivist as they defaced it with their names.
Team Mysterious Bangladesh is known for using several scripts for DDoS attacks and an HTTP flooding attack technique similar to DragonForce.
To defend against threats of these types, it is suggested that businesses patch vulnerable and exploitable endpoints and not store unencrypted secrets in .git repositories.