Hackers target university’s e-learning system in Hong Kong, putting data of 20,000 at risk

The personal data of more than 20,000 students, staff and past graduates of the Chinese University of Hong Kong’s School of Continuing and Professional Studies could be at risk after an e-learning system was hacked earlier this month.

In a statement on Thursday, the school said it found out on June 3 that its “moodle learning management system” had been hacked.

“The data concerned involves name, email address and student registration number … of 20,870 [users of the system] who are staff, part-time instructors, students, graduates and some guest users,” it said.

“[The school] has already disabled the related login account and reset its password. The [system] has also been moved to another server and other security measures have been upgraded.”

The school said it had appointed an external IT security consultant to investigate and it has been “observed that there was no large volume of outbound traffic” and “data concerned was not found in the dark web”.

Moodle is an open source learning management system. It is used for blended learning, distance education, and other online learning projects in schools, colleges and workplaces.