On September 9, 2024, the Pontifical University of Salamanca (UPSA) in Spain experienced a significant cyber attack that has put student data at risk. The breach involved unauthorized access to the university’s systems, potentially compromising a range of personal information stored in its digital repositories. The types of data that might have been exposed include students’ names, email addresses, phone numbers, degrees completed, and other academic and personal details. Despite the gravity of the situation, UPSA has reported that there is currently no evidence suggesting that the compromised data has been exfiltrated or made available on the dark web.
Upon discovering the breach, UPSA acted swiftly to contain the situation and protect its community. The university has advised all affected individuals to immediately change their passwords and avoid using their @upsa.es email addresses on any external websites. This precautionary measure is intended to mitigate further risks and prevent additional unauthorized access. The university is also implementing enhanced security protocols to safeguard its systems and ensure that similar incidents do not occur in the future.
The investigation into the breach is ongoing, with UPSA collaborating closely with cybersecurity specialists to determine the full extent of the impact and the methods used by the attackers. While the initial assessment shows no confirmed data exfiltration, UPSA remains vigilant and is continuously monitoring for any signs of further compromise. The university is also working with relevant authorities to address the breach and to support affected individuals throughout this process.
To maintain transparency, UPSA has committed to providing regular updates to its students and alumni regarding the status of the investigation and any potential repercussions of the breach. The university plans to send detailed communications outlining the measures being taken to resolve the issue and to safeguard personal data. This proactive approach underscores UPSA’s dedication to protecting the privacy and security of its community members while addressing the challenges posed by this cyber attack.
Reference:
