A 21-year-old student has been arrested in Seville. He is accused of manipulating his school grades by hacking into the educational platform Séneca.
The Spanish police announced the arrest of a young man suspected of carrying out an unprecedented hack in Andalusia’s education system. According to the investigation, he allegedly altered his high school and university entrance exam grades, as well as those of several classmates, by illegally accessing the official Séneca platform. This case highlights the vulnerability of school systems to cyberattacks, at a time when education is becoming a recurring target for hackers.
Spanish authorities have arrested a 21-year-old student in Seville for hacking Séneca, the educational platform used across Andalusia. He allegedly modified his own grades and those of other students, and accessed the email accounts of thirteen professors at several regional universities. The investigation began after an alert from a high school in Jaén in March 2025. The case underscores the weakness of educational systems against cyber intrusions, as similar incidents already affect the United States and other countries. Spanish authorities charge him with illegal access, identity theft, and forgery.
A Flaw Discovered by Chance
It all started in March 2025, when San Juan Bosco High School in Jaén noticed inconsistencies in student records. Some grades attributed to a student did not match those entered by teachers. Alerted, the regional administration quickly traced the issue back to suspicious access to Séneca, the online platform managing Andalusian students.
The national police investigation then led to Seville, where a 21-year-old student was identified as the prime suspect. His profile raised questions. Not enrolled at the Jaén high school where the alert was triggered, he nevertheless altered exam results there. Investigators say he extended his manipulations to other institutions and accessed the professional emails of thirteen professors working at the universities of Jaén, Córdoba, Seville, Huelva, Cádiz, and Almería.
During a search of his home, police found his computer equipment and a handwritten notebook listing falsified grades. This physical evidence, rare in cybercrime cases, directly linked the suspect to the compromised data.
A Method Exposing System Weaknesses
The suspect allegedly used standard hacking techniques to penetrate Séneca and the teachers’ email accounts. While authorities have not publicly detailed the exact vectors, evidence points to compromised passwords or targeted phishing. Simultaneous access to professor accounts across six universities supports the hypothesis of an attack based on social engineering and credential reuse.
Once inside, the student altered not only his own grades but also those of certain classmates. This strategy may have covered his tracks by hiding his own manipulations among others. The act was therefore not just about personal gain but also an experiment within the system.
Investigators also noted a troubled past. Local sources claim the suspect had already been involved in similar offenses, though details remain unclear. This repeat behavior raises questions about the ability of educational institutions to quickly detect and contain such intrusions.
Charges Filed
Spanish prosecutors are pursuing multiple charges: illegal access to an IT system, digital identity theft, and document forgery. These charges reflect the seriousness of an act that goes far beyond a student’s “test run” in computing.
In Spain, unauthorized access to an IT system is punishable under the Penal Code, with sentences of up to five years in prison if the intrusion targets sensitive or public data. Digital identity theft also carries severe penalties, especially when targeting teachers and universities. Finally, forging official documents, such as transcripts, is considered academic fraud and can leave a lasting mark on a criminal record.
The young man has not yet been presented publicly. Authorities have withheld his name, in line with Spanish judicial privacy rules.
Precedents in the United States
This case is not isolated. Education systems are becoming prime targets for cybercriminals, whether for financial gain or personal motives.
In January 2025, a Massachusetts student was indicted for hacking PowerSchool, an American platform used by over 60 million people. As in Spain, the student’s main goal was to alter grades. The case prompted a swift response from the Department of Justice, which reiterated that digital academic forgery is a federal crime.
Months earlier, in June 2024, Columbia University revealed a much larger cyberattack. More than 860,000 people had their data compromised. In that case, the hackers were not altering grades but exploiting personal and financial information collected by the institution.
Different in scope, these incidents converge on the same point: education is a vulnerable sector. Its IT systems, often decentralized and inconsistent, struggle to apply the same cybersecurity standards as more sensitive sectors like finance or healthcare.
Public Trust Undermined
Beyond the individual case, trust in academic evaluation is at stake. If grades and diplomas lose credibility, the entire educational system weakens. The Seville case strikes at a symbol: the university entrance exam, meant to reflect merit and fairness.
Parents, students, and teachers are now questioning the integrity of academic records. University leaders fear that revelations of such breaches could damage the value of Andalusian diplomas on the international academic market.
Cybersecurity experts stress the need to strengthen protections. Multi-factor authentication for teachers, regular audits of platforms like Séneca, and staff training to detect phishing attempts are seen as priority measures.
When French Schools Become a Target
Cyberattacks on education are not limited to Spain. In France, several cases highlight the sector’s fragility. In 2015, a middle schooler in Castres spoofed his principal’s address to change his grades and inflate his GPA before being caught through his IP address. In 2025, the private school La Salle in Nouvelle-Aquitaine had its transcripts encrypted by ransomware; the headmaster refused the €8,000 ransom demand. That same year, the pro-Russian group Stormous leaked thousands of credentials from Cyclades and ÉduConnect. In higher education, the hacker “st0jke” infiltrated several Parisian schools and sold their databases. Finally, in 2023, the ENT Monlycée.net platform suffered a breach exposing the personal data of high schoolers in the Paris region. [ZATAZ News English version]
Read more https://www.zataz.com/an-andalusian-hacker-altered-his-grades-through-a-cyberattack/

