Data from Nigerian and Kenyan universities compromised after unis fail to act upon whitehat’s notifications
Emanuel Paul reports:
…Techpoint can confirm that the websites and databases of two Nigerian universities — Ahmadu Bello University (ABU), Zaria and the University of Benin (UNIBEN), Benin City — and Mount Kenya University, Thika, Kenya are porous, vulnerable and in urgent need of attention.
Also, these data which include admission lists, course registration details, and personal data of students and staff are being shared in some exclusive hacker forums, leaving students, lecturers, and administrators, at the complete mercy of unknown cybercriminals.
Read more on TechPoint for more on the breaches and the cultural aspects. Having tried unsuccessfully to notify a few African universities myself in the past, I am not surprised by what I read in the article, but it is certainly disheartening.
Update of June 4:
Yesterday, Eddy Mwanza reported that Mount Kenya University is denying the claims. Here is part of the university’s statement:
“Dear students, it has come to our attention that some fictitious website is claiming to have our students data, this was preceded by earlier claims that they were able to alter students marks. However, this did not work and have resulted to other means.
“We would like to assure our students that their University data is safe and should dismiss such allegations. In case of any queries do not hesitate to contact our office,” reads the University’s statement in part.
So there’s more to be investigated on this one.