Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Vikaasa Group of Schools

Vikaasa Group of Schools Vendor Cyber Rating & Cyber Score

vikaasa.edu.in

Vikaasa Group of Schools offer a globally recognised ICSE & IGCSE syllabus that prepares students to pursue their higher education at international universities in the future. We have now entered a strategic partnership with the Singapore-based, Global Schools Foundation (GSF) - a reputed name in the field of education for the last 20 years. The 35 campuses of GSF schools are spread across 10 countries where students from 70 different nationalities spend their most important years in education. We at Vikaasa, practice an integrated approach to teaching that focuses equally on academic, artistic, physical, and social skills. A multi-talented, competent global citizen is our vision for the students. We believe each child has a unique


VGS A.I CyberSecurity Scoring

VGS
Company Information
Website:https://www.vikaasa.edu.in/
Employees number:18
Number of followers:129
NAICS:6111
Industry Type:Primary and Secondary Education
Homepage:vikaasa.edu.in
VGS Risk Score (AI oriented)
Between 600 and 649
logo
VGSPrimary and Secondary Education
Updated:
18/06/2026
640/1000
Poor
Caa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
VGS Global Score (TPRM)
xxxx
logo
VGSPrimary and Secondary Education
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

VGS
VGSPoor
Current Score
640Caa (POOR)
01000
1 incidents
-132 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
641Before Incident
JUNE 2026
771Before Incident
Breach
12 Jun 2026VGS
Vikaasa, Harrods International Academy and Dwight School Seoul: Data analysis of the Global Schools Group breach, Part 1

Global Schools Group Data Breach Exposes Sensitive Data of 183,000+ Users Across 12 Brands

639After Incident
CRITICAL-132
VIKHARDWI1781800805
Global Schools Group Data Breach Exposes Sensitive Data of 183,000+ Users Across 12 Brands A massive data breach at Global Schools Group (GSG), a multinational K-12 education network, has exposed the personal and sensitive information of over 183,000 students, parents, and staff across 12 school brands and 60+ campuses in 10 countries. The breach, first reported on June 12, was carried out by the threat actor FulcrumSec, which leaked the data and later provided detailed findings to DataBreaches. ### Scope of the Breach GSG operates a centralized AWS database shared across all its brands, meaning the breach affected every school in its network. The compromised data includes: - 183,164 user accounts (83,132 students, 88,856 parents, 11,176 staff) - 35,938 student enrollment records containing passport numbers, government IDs (Aadhaar, NRIC, Emirates ID), and family PII - 9.4 million internal messages (2006–2024), including medical and disciplinary disclosures - 8.6 million attendance records - 122,862 Twilio SMS messages - 112 source code repositories and 168 AWS secrets - 46,901 job applicant folders with ID document scans - 11,176 staff password hashes (SHA-256) ### Affected Brands & Data Exposure While all 12 GSG brands were impacted, Global Indian International School (GIIS) the group’s flagship brand suffered the deepest exposure, including: - ~33,000 passport numbers (students, parents) - 23,856+ government IDs (Aadhaar, NRIC, Emirates ID) - 9.4 million internal messages (including medical and counseling records) - 626,000 email attachments Other affected brands include: - One World International School (OWIS) – Exposed 9,000+ student/parent records (names, DOB, addresses, password hashes) and 5,896 messages. - Glendale Academy4,800+ records with Aadhaar numbers and 512 internal messages. - Additional brands (Vikaasa, Harrods, CIS Manila, Dwight Seoul, etc.) also had account-level data compromised. ### Geographic Impact The breach spans 10 countries, with the highest exposure in: - Singapore (GIIS, OWIS) - India (GIIS, Glendale, Vikaasa, Global/Witty) - UAE (GIIS Abu Dhabi/Dubai, Glendale Dubai) - Japan, Malaysia, Cambodia, Philippines, South Korea, Saudi Arabia, UK Student nationalities in the data span 66 countries, indicating a truly global impact. ### How the Breach Occurred FulcrumSec accessed the data through compromised credentials tied to GSG’s shared AWS infrastructure. The threat actor used AI-assisted crawling to extract records, though some minor errors in deduplication may exist. A second report will provide further details on the remaining affected brands.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: 183,164 user accounts, 35,938 student enrollment records, 9.4 million internal messages, 8.6 million attendance records, 122,862 Twilio SMS messages, 112 source code repositories, 168 AWS secrets, 46,901 job applicant folders, 11,176 staff password hashesSystems Affected: AWS database, centralized school management systemOperational Impact: Exposure of sensitive student, parent, and staff data across 12 brandsBrand Reputation Impact: Severe reputational damage to Global Schools Group and its 12 brandsIdentity Theft Risk: High (exposure of passport numbers, government IDs, PII)
DATA BREACH
Personal Identifiable Information (PII)Passport numbersGovernment IDs (Aadhaar, NRIC, Emirates ID)Medical recordsDisciplinary recordsInternal messagesAttendance recordsTwilio SMS messagesSource code repositoriesAWS secretsJob applicant folders with ID scansStaff password hashes (SHA-256)Number Of Records Exposed: 183,164 user accounts, 35,938 student enrollment records, 9.4 million internal messages, 8.6 million attendance records, 122,862 Twilio SMS messages, 46,901 job applicant foldersSensitivity Of Data: High (government IDs, medical records, disciplinary records, password hashes)Data Exfiltration: Yes (by FulcrumSec)Data Encryption: Password hashes (SHA-256), but other data unencryptedFile Types Exposed: Email attachments, ID document scans, source code, internal messagesPersonally Identifiable Information: Yes (names, DOB, addresses, passport numbers, government IDs)
MAY 2026
771Before Incident
APRIL 2026
771Before Incident
MARCH 2026
771Before Incident
FEBRUARY 2026
771Before Incident
JANUARY 2026
771Before Incident
DECEMBER 2025
771Before Incident
NOVEMBER 2025
771Before Incident
OCTOBER 2025
771Before Incident
SEPTEMBER 2025
771Before Incident
AUGUST 2025
771Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for VGS ?
?
What was VGS's A.I Rankiteo Cyber Score in June 2026 ?
?
What was VGS's A.I Rankiteo Cyber Score in May 2026 ?
?
What was VGS's A.I Rankiteo Cyber Score in April 2026 ?
?
What was VGS's A.I Rankiteo Cyber Score in March 2026 ?
?
What was VGS's A.I Rankiteo Cyber Score in February 2026 ?
?
What was VGS's A.I Rankiteo Cyber Score in January 2026 ?
?
What was VGS's A.I Rankiteo Cyber Score in December 2025 ?
?
What was VGS's A.I Rankiteo Cyber Score in November 2025 ?
?
What was VGS's A.I Rankiteo Cyber Score in October 2025 ?
?
What was VGS's A.I Rankiteo Cyber Score in September 2025 ?
?
What was VGS's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on VGS's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with VGS ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view VGS's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?