Vittoria Elliott and Dhruv Mehrotra report:
A security lapse in an app operated by India’s Education Ministry exposed the personally identifying information of millions of students and teachers for over a year.
The data was stored by the Digital Infrastructure for Knowledge Sharing app, or Diksha, a public education app launched in 2017.
[…]
Files stored on the unsecured server contained the full names, phone numbers, and email addresses of more than 1 million teachers. According to data in the files, verified by WIRED, the teachers worked for hundreds of thousands of schools located in every state in India. Another file contained information about nearly 600,000 students.
Read more at WIRED.