He added that it was an open secret that even legitimate businesses like marketing and advertising firms would want such data for targeted advertising.Īsked if there was anything that the affected alumni could do to mitigate the damage, Fong said there was not much they could do, though if the database contained their password hashes, the victims should change these at once.
HACK RESULT EXAM UITM 2017 FULL
Imagine I have your full data, I could try to apply for credit cards and even loans from credit companies,” he claimed. He warned that the leak contained a wide range of sensitive information that allowed hackers to build a profile of the victims through a technique called “data correlation”.Īsked why the information would be leaked openly, rather than kept quietly and sold, Aswami said the hackers could be doing so to create awareness so that the university and government were aware that the system had flaws that could be exploited.Ĭybersecurity company LGMS director Fong Choong Fook pointed out that the breach was reported to have occurred last year, thus the information could have already been sold by the original hackers before being leaked by a purchaser, perhaps for political agenda, fame or even to shame someone.
He said due to current regulations, CSM cannot begin an investigation until a request or report had been made by the affected party.īefore starting an investigation, CSM could not be sure of the degree of damage done, but Aswami recommended that UiTM alumni changed their passwords and credentials related to the university. He suggested that victims changed their phone numbers.ĬyberSecurity Malaysia (CSM) senior vice-president for cybersecurity responsive services Dr Aswami Ariffin said he was aware of the incident, though the agency had not received a report from UiTM. They could blackmail you and talk you into transferring money,” he said. “Scammers could call you up and say they have your exact details like MyKad number and home address. “It could have been someone working in UiTM who was given clear access to student records for administrative duties,” he said.ĭhillon said leaking personal data online was illegal, even if the intent wasn’t, adding that it was most likely done for “bragging rights”. Hack In The Box CEO and security expert Dhillon Kannabhiran said the source of the leak could have been internal. Subsequently, it posted an update, claiming that it was not responsible for the leak and that the group had been sabotaged by “certain parties”. However, a source informed The Star that a group called 11 Supernova Security had claimed responsibility for the leak on Facebook.Ī post on its page on Jan 22 said: “We have all UiTM database. Should any proof of wrongdoing be found, the university said it would not hesitate to take legal action against the responsible party. UiTM is also performing an internal investigation to ensure no wrongdoing by any UiTM staff.
HACK RESULT EXAM UITM 2017 ISO
He said UiTM’s cybersecurity system was on par with other organisations in Malaysia, as proven by the Information Security Management System ISO 27001:2013 certificate awarded by Sirim QAS International Bhd on Jan 14. Prof Hassan said the university took security seriously, having comprehensive security protocols for the university’s private and official information. He added that UiTM was confident that the security system it had in place was still secure, safe and trustworthy. “This shows that the information has been edited or manipulated by irresponsible parties, and proves that the information was not gleaned from a hack of UiTM’s systems,” he claimed in a press statement. However, UiTM vice-chancellor Emeritus Prof Datuk Dr Hassan Said denied that the university system was hacked, as screenshots of the leaked data didn’t match the formatting of UiTM’s internal system. It also affects students enrolled in UiTM accredited courses at external colleges like Kolej Yayasan Terengganu, Institut Teknologi Perak and Institut Yayasan Bumiputera Pulau Pinang. Tech portal reported that records of 1,164,540 students had been compromised, affecting records from UiTM campuses around the country, including the main one in Shah Alam.
The leaked data includes personal details like students’ names, MyKad numbers, house and email addresses, campus codes, campus names, programme codes, course levels, student IDs and mobile numbers. PETALING JAYA: Private information of over a million students and alumni of Universiti Teknologi MARA (UiTM) enrolled between 20 has been leaked in a massive data breach.
0 kommentar(er)
