An app operated by India’s Education ministry contained a security lapse that resulted in the exposure of personally identifying information belonging to millions of students and teachers. The information was exposed for over a year, the ministry confirmed. The app in question is the Digital Infrastructure for Knowledge Sharing app, also known as Diksha. The app is designed to promote public education and was launched in 2017. During the Covid-19 pandemic, teachers and school systems relied on the app to allow students to access educational materials and coursework from their homes.
The security breach occurred when a cloud server storing Diksha’s data was left unprotected. This resulted in the data being exposed to hackers, scammers, and other malicious individuals. Although the exact number has not been confirmed, it is believed that the data belongs to over one million different teachers. Data pertaining to students included full names, school district information, enrolled courses, and course progress.