The personally identifiable information (PII) and test results of 190,000 candidates for the 2020 Common Admission Test were leaked and put up for sale on a cybercrime forum, according to threat intelligence firm CloudSEK.

The compromised data includes candidates’ names, dates of birth, email IDs, mobile numbers, and address information. In addition, the candidates’ 10th and 12th grade results, details of their bachelor’s degrees and their CAT percentile scores were also revealed in the leaked database.

The CAT is the principal entrance exam for graduate management programs in the country and is undertaken by close to 200,000 candidates each year. The intensely competitive examination is the gateway for aspiring candidates to gain admission to the country’s 20 Indian Institutes of Management (IIMs).

With the help of open-source intelligence, CloudSEK’s threat intelligence team was able to validate the compromised data and revealed that the database is from the CAT examination conducted on 29 November 2020.

CAT burglar strikes again

The threat actor put up a post on 12 May advertising the sale of 190,000 CAT aspirants’ details on a dark web forum. The database comprised personal information and examination scores of nearly all candidates who appeared for the exam. Education website Shiksha reported that of the 227,000 registered candidates, 190,000 had appeared.

According to CloudSEK, the threat actor joined the dark web forum in November 2018 and enjoys good standing in the hacker community. Based on the intelligence it received, the company said the threat actor exploited a vulnerability in the official CAT website to access the database.

This isn’t the first time the perpetrator has targeted CAT. The 2019 CAT examination database was also leaked and put up for sale in September 2020.
CloudSEK says it has discovered similar posts from the threat actor on other cybercrime portals on the dark web as well.

With candidates’ personal information loose on the dark web, they could be targeted for phishing and identity theft. Furthermore, since the threat actor appears to have exploited vulnerabilities in the official CAT website (www.iimcat.ac.in) twice within a short span of time, attacks of this sort can reoccur if the website remains unpatched, CloudSEK’s security experts warned.