A hacker group claimed it has stolen the personal data of thousands of students from Universiti Malaysia Sabah (UMS).
In an email to The Star, one of the members sent links to “sample” files containing information such as name, student ID, faculty, address, email and MyKad number.
The group, known as BreachDB, has also put up a post on Twitter, offering for sale the personal data of 50,000 students for US$50 (RM210) in bitcoin.
The BreachDB crew, a four-person team, said it hacked for fun and profit.
A quick check online showed that the names and student IDs match but some of these details are available even on the UMS website.The Star has reached out to the university which is investigating the matter but has yet to release a statement. UMS currently has over 17,000 students and it produces around 5,000 graduates each year.
We have also informed the Malaysian Communications And Multimedia Commission (MCMC), Cybersecurity Malaysia, National Cyber Security Agency (Nascsa) and Personal Data Protection Department (JPDP).
Last month, Universiti Malaya claimed that no data was leaked after its E-Pay Cashless Payment and Records portal was defaced.
However, later on the same day, local tech portal Lowyat.net claimed that personal data of both UM academic and non-academic staff, including payslips and bank account details were leaked on an anonymous file-sharing site.
Earlier this year, another hacker claimed to have stolen the personal data of students from Universiti Teknologi MARA (UiTM).
According to Lowyat.net the records of 1,164,540 students were compromised from UiTM campuses around the country, including the main one in Shah Alam.