YouthConnect: Major data breach at Universiti Teknologi Mara (UiTM)?

Universiti Teknologi Mara

Labelled as one of the greatest data breaches in the country, private information of over a million students and alumni of Universiti Teknologi Mara (UiTM) between 2000 – 2018 was leaked.

The leaked data apparently includes personal details such as the students’ names, MyKad numbers, house and email addresses, campus codes, campus names, programme codes, course levels, student IDs and mobile numbers.

According to reports, records of 1,164,540 students was compromised, affecting records from UiTM campuses around the country, including the main one in Shah Alam.

It also affects students enrolled in UiTM accredited courses at external colleges like Kolej Yayasan Terengganu, Institut Teknologi Perak and Institut Yayasan Bumiputera Pulau Pinang.

The data breach had apparently occurred between February and March last year, according to anonymous sources.

However, UiTM vice-chancellor Emeritus Prof Datuk Dr Hassan Said denied that the university system was hacked, as screenshots of the leaked data didn’t match the formatting of UiTM’s internal system.

Cybersecurity company LGMS director Fong Choong Fook pointed out that the breach was reported to have occurred last year, thus the information could have already been sold by the original hackers before being leaked by a purchaser, perhaps for political agenda, fame or even to shame someone.

“The personal data leaked is valuable. Imagine I have your full data, I could try to apply for credit cards and even loans from credit companies,” he claimed.

He added that it was an open secret that even legitimate businesses like marketing and advertising firms would want such data for targeted advertising.

Asked if there was anything that the affected alumni could do to mitigate the damage, Fong said there was not much they could do, though if the database contained their password hashes, the victims should change these at once.

Full article from YouthConnect

You may also find other interesting LGMS News at the following links:

Malaysian Reserve: National cyber defence policy are needed in Malaysia
Malaysian Digest: Govt Targets 2,000 Data Scientists By 2020
BFM: Terrifying Technology Tribulations
FreeMalaysiaToday: Security expert shows how gullible Malaysians are online
Google+ Data Breach: Interview with Radio Sputnik