A threat actor has allegedly leaked the database of a Nigerian private academy, exposing sensitive details of staff and students. The leaked data appears to contain records of executives, staff, and students, including:
- Full names, emails, and phone numbers
- Password hashes
- School IDs and roles (academic/admin)
- Religious affiliations and demographic details
- Student enrollment and verification records
From the samples shared, both staff credentials and student personal information were exposed, raising concerns about the protection of educational records in Nigeria. The breach reportedly includes thousands of entries, which, if confirmed, could place students, parents, and staff at significant risk of identity theft and fraud.
This incident highlights the urgent need for stronger cybersecurity measures in Nigeria’s education sector, particularly as schools increasingly rely on digital platforms for administration and learning.