Enterprise Resource Planning (ERP) systems are widely used by the academia, and educational institutions. ERP are used by institutions for maintaining their records and sharing of data with the users and stakeholders. ERP modules have varying levels of end-user access restrictions depending on the type of module. Certain
modules can be accessed from anywhere using an internet connection, whereas some
are restricted to be accessed only through an admin account. Tese modules generally contain sensitive data stored in them. Tere are cases wherein the security breach
has been reported for gaining access to the data stored and use them for perpetrating
crimes, majorly fnancial crimes and identity thefs. Te current paper discusses some
of these breaches, along with the possible risks and corrective measures suggested to
avoid such breaches