Ministry to boost security over varsity data breaches
PUTRAJAYA: The Education Ministry will work on tightening cybersecurity at public institutions of higher education following news reports about data breaches which allegedly hit three universities.
“We’re working to make sure we have better protection and stronger security everywhere,” said minister Dr Maszlee Malik.
These measures would cover the ministry and its agencies as well, he said yesterday.
Maszlee also said that there has been a lot of talk of data leaks, but urged the public to verify them before sharing them.
Two days ago, a hacker group contacted The Star, claiming to have stolen the personal data of thousands of students from Universiti Malaysia Sabah (UMS).
In the e-mail, one of the members sent links to “sample” files containing information such as name, student ID, faculty, address, email and MyKad number.
The group, known as BreachDB, has also put up a post on Twitter, offering for sale the personal data of 50,000 students for US$50 (RM210) in bitcoin.
A check showed that the names and student IDs had matched but some of these details are available even on the UMS website.
The BreachDB crew, a four-person team, said it hacks for fun and profit.
UMS is investigating the matter but has yet to release a statement.
The Star contacted the Malaysian Communications and Multimedia Commission (MCMC), Cybersecurity Malaysia, National Cyber Security Agency and Personal Data Protection Department but there is no response yet as at press time.
Last month, Universiti Malaya said that no data was leaked after its E-Pay Cashless Payment and Records portal was defaced.
However, tech portal Lowyat.net claimed that the personal data of both UM academic and non-academic staff, including payslips and bank account details, were leaked on an anonymous file-sharing site.
Maszlee, however, said the ministry had not received any report yet.