Anonymous individual threatens to leak UiTM student data if demand not met

  • TECH
  • Wednesday, 30 Jan 2019

An aerial view of the UiTM campus in Puncak Alam, Selangor. A massive data leak has compromised the details of over one million UiTM students. — UiTM Cawangan Selangor Facebook page

An anonymous individual, who claims to be the source that leaked the Universiti Teknologi MARA (UiTM) data breach to tech portal, is now threatening to leak the data on several sites if the university doesn’t upgrade its security system.

Only known as AA, the person reached out to The Star via email, and demands that UiTM implements Secure Sockets Layer (SSL) and TLS (Transport Layer Security) security certificates on seven portals linked to the university.

The portals are the iSTUDENT Portal System, iLearn V3 Login, Electronic Question Paper System, Portal I-Staf, PRISMa, iRMIs and UiTM Consultancy Unit website.

The demand, pasted on Pastebin on Jan 29, says if UiTM doesn’t comply by Feb 4, the person will leak 100,000 student records a day on Facebook, Twitter, Instagram, Pastebin,  Telegram and WhatsApp.

On Jan 25 it was reported that the records of 1,164,540 students and alumni enrolled between 2000 and 2018 has been leaked.

The leaked student records include details like students’ names, MyKad numbers, house addresses, email addresses, campus codes, campus names, programme codes, course levels, student IDs and mobile numbers.

“It would take a basic idiot one day to implement this security measure across all the sites,” claimed AA.

The individual claimed that UiTM has failed to implement basic security measure for its online systems, describing its English Evaluation Test (EET) system as a “security nightmare” which could easily be bypassed by anyone with basic Javascript knowledge.

“The greatest disappointment is, of course, your failure to disclose the fact that there was in fact a data breach, and that millions of data have been leaked. You have decided to cover up the fact, when you should have announced it long before,” claimed AA.

A UiTM spokesperson said the university is looking into the demand.

UiTM vice-chancellor Emeritus Prof Datuk Dr Hassan Said has since denied that the university’s system was hacked, saying screenshots of the leaked data doesn’t match the formatting of UiTM’s internal systems.

“This shows that the information has been edited or manipulated by irresponsible parties, and proves that the information is not the gleaned from a hack of UiTM’s systems,” he said in a press statement last week.

Start your ads-free experience now!

Monthly Plan


Annual Plan


Billed as RM148.00/year

1 month

Free Trial

For new subscribers only

Cancel anytime. No ads. Auto-renewal. Unlimited access to the web and app. Personalised features. Members rewards.
Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Tech News

OpenAI CEO says company could become benefit corporation- The Information
Google loses bid to end US antitrust case over digital advertising
Apple, Meta set to face EU charges under landmark tech rules, sources say
New York recovers $50 million for defrauded Gemini Earn crypto investors
Tempus AI shares jump 8% in strong Nasdaq debut as US IPO market thaws
Meta pauses AI models launch in Europe due to Irish request
Adobe surges as AI optimism fuels annual revenue forecast
Microsoft to invest $7.16 billion in new data centres in northeastern Spain
Bitcoin miners pivot to South-East Asia after�China crackdown
China elder care sector plugs smart gadgets to fill workforce gaps

Others Also Read