In Malaysia, numerous incidents of data leakage have occurred, often instigated by cybercriminals. However, in this particular instance, it was the organisation itself that inadvertently exposed the data.
FMT reports that Universiti Teknologi Mara (UiTM) acknowledged that personal information, including MyKad numbers, of nearly 12,000 applicants was exposed on an insecure link. This came after allegations emerged that the data had been leaked on the internet.
Yesterday, a Twitter user, @imraimy, alleged that UiTM had made the MyKad numbers and emails of 11,891 applicants available online.
According to the same user, the link was shared with students to verify their information using the browser search function.
Later, UiTM confirmed that the link to the list has been deactivated in response and expressed apologies for the error.
Users on social media swiftly criticised UiTM for the mistake, accusing the university of negligence. Additionally, some individuals pointed out the institution’s failure to employ appropriate data management software for safeguarding the information.
Something similar happened back in January 2019, when more than 1 million UiTM students data was leaked online according to Lowyat.net. The data that was exposed comprises comprehensive student records from both the main campus of UiTM in Shah Alam and its 13 autonomous state campuses across the country.
The breached information includes specific details such as Student ID, Student Name, MyKAD Number, Address, Email Address, Campus Codes, Campus Names, Program Codes, Course Levels, and Mobile Phone numbers.