Anonymous individual threatens to leak UiTM student data if demand not met


  • TECH
  • Wednesday, 30 Jan 2019

An aerial view of the UiTM campus in Puncak Alam, Selangor. A massive data leak has compromised the details of over one million UiTM students. — UiTM Cawangan Selangor Facebook page

An anonymous individual, who claims to be the source that leaked the Universiti Teknologi MARA (UiTM) data breach to tech portal Lowyat.net, is now threatening to leak the data on several sites if the university doesn’t upgrade its security system.

Only known as AA, the person reached out to The Star via email, and demands that UiTM implements Secure Sockets Layer (SSL) and TLS (Transport Layer Security) security certificates on seven portals linked to the university.

The portals are the iSTUDENT Portal System, iLearn V3 Login, Electronic Question Paper System, Portal I-Staf, PRISMa, iRMIs and UiTM Consultancy Unit website.

The demand, pasted on Pastebin on Jan 29, says if UiTM doesn’t comply by Feb 4, the person will leak 100,000 student records a day on Facebook, Twitter, Instagram, Pastebin,  Telegram and WhatsApp.

On Jan 25 it was reported that the records of 1,164,540 students and alumni enrolled between 2000 and 2018 has been leaked.

The leaked student records include details like students’ names, MyKad numbers, house addresses, email addresses, campus codes, campus names, programme codes, course levels, student IDs and mobile numbers.

“It would take a basic idiot one day to implement this security measure across all the sites,” claimed AA.

The individual claimed that UiTM has failed to implement basic security measure for its online systems, describing its English Evaluation Test (EET) system as a “security nightmare” which could easily be bypassed by anyone with basic Javascript knowledge.

“The greatest disappointment is, of course, your failure to disclose the fact that there was in fact a data breach, and that millions of data have been leaked. You have decided to cover up the fact, when you should have announced it long before,” claimed AA.

A UiTM spokesperson said the university is looking into the demand.

UiTM vice-chancellor Emeritus Prof Datuk Dr Hassan Said has since denied that the university’s system was hacked, saying screenshots of the leaked data doesn’t match the formatting of UiTM’s internal systems.

“This shows that the information has been edited or manipulated by irresponsible parties, and proves that the information is not the gleaned from a hack of UiTM’s systems,” he said in a press statement last week.

Subscribe now and receive FREE sooka plan for 1 month.
T&C applies.

Monthly Plan

RM13.90/month

Annual Plan

RM12.33/month

Billed as RM148.00/year

1 month

Free Trial

For new subscribers only


Cancel anytime. No ads. Auto-renewal. Unlimited access to the web and app. Personalised features. Members rewards.
Follow us on our official WhatsApp channel for breaking news alerts and key updates!
   

Next In Tech News

World's first wooden satellite, developed in Japan, heads to space
This humanoid robot can now operate with full autonomy
Scientists use AI to help track penguins in Antarctica
Windows 10 users will soon have to pay to keep getting security updates
Musk and X are epicenter of US election misinformation, experts say
OpenAI in talks with California to become for-profit company, Bloomberg News reports
Meta to extend ban on new political ads after U.S. election
Crypto firms including Robinhood, Kraken launch global stablecoin network
Chipmaker NXP forecasts quarterly revenue below estimates on macroeconomic concerns
Exclusive-Silver Lake, Bain prepare to bid for multi-billion stake in Intel's Altera unit, sources say

Others Also Read