San Beda University

San Beda University (SBU), headquartered in the Philippines, operates as a higher education institution. In June 2020, the university experienced a significant security incident involving its online student portal. An unidentified hacker successfully breached this system, leading to the theft of personal information and social media passwords belonging to thousands of its students. The attacker subsequently publicly disseminated the compromised data through the social media platform Twitter. This unauthorized access and illegal data release prompted the university to formally notify its community members about the breach. Initial media reports at the time incorrectly suggested a similar data leak might have occurred at another Philippine university, but officials from that separate institution later clarified their systems remained secure and unaffected, distinguishing the SBU incident as an isolated event.

The breach at San Beda University resulted in the exposure of sensitive credentials and personally identifiable details for a large number of affected individuals. This incident highlighted vulnerabilities within the university's digital infrastructure for managing student records and portal access. Following the discovery, university administrators took the step of alerting the campus community to the unauthorized access and the subsequent public leakage of data. The event underscored the critical importance of robust cybersecurity measures for educational institutions handling substantial volumes of student personal information. While the precise long-term institutional responses or technical remediations implemented by SBU post-breach are not detailed in the available record, the notification to its community confirmed the occurrence and scope of the compromise. The publicly released data included information that could facilitate further unauthorized access to student accounts beyond the university's systems, given the theft of social media passwords. This data breach remains a documented cybersecurity event in the university's recent history, representing a notable compromise of its digital student services.