The staff and students that have fallen victim to the hack have accounts in the learning environment Moodle. Some people only had their email address exposed, the Volkskrant reported, but others also had their home address or encrypted password stolen.
Inholland has confirmed the incident. The encrypted passwords of 791 external people were also accessed, the institution said. They will be informed by Inholland which is conducting an investigation into the data leak.
Change your password
Since the incident, the provider of Moodle has made it more difficult to export data, and a two-step login is now in place. All students and staff will also have to change their passwords.
Inholland issued a warning to all students and staff about the misuse of personal data. “Watch out for emails that ask you to fill in your personal details or make payments. And never click the links or open the attachments”, the school wrote. “It is sometimes hard to see the difference between such emails and real messages.”
These kinds of hacks make it important to use different passwords for different sites. You need a different password for your Moodle account than the one you use for internet banking.
Two weeks ago, UvA and HvA were also hit by cyber attacks. Students and staff at those institutions also had to change their passwords. By now, some 70,000 of them have done so.
The Dutch Research Council (NWO) has had an incident with ransomware as well. Last year after such an incident Maastricht University was forced to make a ransom payment in order to recover its stolen data.