Indian educational institutions suffered more than 200,000 cyberattacks and nearly 400,000 data breaches in just nine months, according to a pilot study by the CyberPeace Foundation under its flagship e-Kawach initiative, in collaboration with DELNET, Resecurity and Autobot Infosec.

Released on Wednesday alongside the launch of the “Cyber First Responder” programme, the study—titled Exploring Cyber Threats and Digital Risks to Indian Educational Institutions—aims to equip students, faculty, librarians and staff with the skills to counter cyber threats, deepfakes and misuse of artificial intelligence.

Conducted between July 2023 and April 2024, the research revealed over 8,000 unique usernames and 54,000 unique passwords used in brute-force attacks, with “root” and “admin” among the most targeted usernames. Weak passwords such as “123456” and “password” were frequently attempted.

The report warned that Indian educational institutions may be five times more vulnerable to data breaches than counterparts with stronger cyber practices, risking impersonation of faculty, phishing attacks, deepfake misuse, theft of research data and leakage of exam papers.

National Law University-Delhi vice-chancellor G S Bajpai stressed that resilience in the digital era requires transforming systems in response to disruption, while DELNET director Dr Sangeeta Kaul described the Cyber First Responder initiative as “a commitment to shaping, not just reacting to, change.”

CyberPeace Foundation president Vineet Kumar called the findings a “wake-up call” for academia, warning: “Digitisation without cybersecurity is like building a house without doors or locks. Innovation cannot thrive without resilience.”

Also Read: The importance of cybersecurity and data privacy in education