Anonymous individual threatens to leak UiTM student data if demand not met

An aerial view of the UiTM campus in Puncak Alam, Selangor. A massive data leak has compromised the details of over one million UiTM students. — UiTM Cawangan Selangor Facebook page

An anonymous individual, who claims to be the source that leaked the Universiti Teknologi MARA (UiTM) data breach to tech portal, is now threatening to leak the data on several sites if the university doesn’t upgrade its security system.

Only known as AA, the person reached out to The Star via email, and demands that UiTM implements Secure Sockets Layer (SSL) and TLS (Transport Layer Security) security certificates on seven portals linked to the university.

The portals are the iSTUDENT Portal System, iLearn V3 Login, Electronic Question Paper System, Portal I-Staf, PRISMa, iRMIs and UiTM Consultancy Unit website.

The demand, pasted on Pastebin on Jan 29, says if UiTM doesn’t comply by Feb 4, the person will leak 100,000 student records a day on Facebook, Twitter, Instagram, Pastebin,  Telegram and WhatsApp.

On Jan 25 it was reported that the records of 1,164,540 students and alumni enrolled between 2000 and 2018 has been leaked.

The leaked student records include details like students’ names, MyKad numbers, house addresses, email addresses, campus codes, campus names, programme codes, course levels, student IDs and mobile numbers.

“It would take a basic idiot one day to implement this security measure across all the sites,” claimed AA.

The individual claimed that UiTM has failed to implement basic security measure for its online systems, describing its English Evaluation Test (EET) system as a “security nightmare” which could easily be bypassed by anyone with basic Javascript knowledge.

“The greatest disappointment is, of course, your failure to disclose the fact that there was in fact a data breach, and that millions of data have been leaked. You have decided to cover up the fact, when you should have announced it long before,” claimed AA.

A UiTM spokesperson said the university is looking into the demand.

UiTM vice-chancellor Emeritus Prof Datuk Dr Hassan Said has since denied that the university’s system was hacked, saying screenshots of the leaked data doesn’t match the formatting of UiTM’s internal systems.

“This shows that the information has been edited or manipulated by irresponsible parties, and proves that the information is not the gleaned from a hack of UiTM’s systems,” he said in a press statement last week.

Article type: metered
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights

Next In Tech News

Biden administration sets new requirements for US secure networks Premium
With U.S. labor scarce, logistics firms turn to remote forklifts Premium
Hyundai Motor partners with quantum computer firm IonQ for battery development Premium
Intel orders ASML system for well over $340 million in quest for chipmaking edge Premium
Exclusive-Google to improve enforcement of adult ads policy Premium
Telecom Italia shares slide further as doubts over KKR's bid intensify Premium
Heritage land dispute over Amazon's new Africa HQ goes to court Premium
British digital banking app Revolut launches U.S. stock trading Premium
‘Game changer’ electric moped batteries spread from Taiwan across Asia Premium
S.Korea's LG Energy Solution sees record retail demand for IPO Premium

Others Also Read