Cyber Incident Victim: Sambalpur University

On October 24, 2021, the official website of Sambalpur University in Odisha, India, experienced a cyberattack attributed by reports to Pakistani agents. The attackers targeted a specific subdomain, 'grievance.suniv.ac.in,' defacing it with the message 'hacked by Devil Killer.' The breach disrupted university operations during a critical period, as students were actively using the grievance portal for Post-Graduation admission processes. Discovery occurred when users attempting to access the site encountered the unauthorized message instead of the expected admission interface. The defacement indicated a compromise of the webpage’s content management or hosting infrastructure, though technical specifics regarding the attack vector or intrusion methods were not disclosed in available reports. No additional compromised systems or data exfiltration were mentioned in the initial coverage.

The incident directly impacted administrative functions and student services, halting admission-related activities on the grievance portal. Sambalpur University authorities did not release immediate statements detailing containment measures, forensic findings, or restoration timelines within the cited sources. The defacement’s public visibility raised concerns about the university’s cybersecurity posture, particularly regarding web application protections. WCE3, the reporting entity, characterized the event as a deliberate act by foreign actors but provided no corroborating evidence of attribution. KalingaTV’s coverage, referenced as containing further details, was not excerpted in the available material, leaving gaps in the documented consequences, such as data integrity issues or prolonged downtime. The disruption underscored operational vulnerabilities in critical academic systems during peak usage periods.