The University of Nairobi (UoN) has initiated an investigation into a group of hackers who unlawfully accessed students’ portal on Wednesday, July 19.
In a statement released on Friday, July 21, the University reported that the hackers had sent emails making claims about their breach to several students and staff members, including the deputy vice chancellor of academic affairs.
“We regret to notify you of a possible data breach at the University affecting the Student Management Information System (SMIS) system where your personal data may have been accessed.” stated Mr. Paul Kariuki, the Director of ICT & Data Protection Officer.
The University confirmed that it had taken immediate action by disabling the SMIS portal to prevent any further attacks and data losses.
“We have taken the SMIS offline in order to avoid any further data loss until further notice. We are investigating this incident which we have already escalated to the National Computer and Cybercrimes Coordination Committee and the Office of the Data Protection Commissioner as is required by law.” the statement read in part.
Mr. Kariuki emphasized that the University is committed to safeguarding students’ data and is currently conducting thorough investigations. Additionally, the institution is working on reinforcing its ICT security measures to ensure data security.
“This email serves as a notification to you of the unfolding security incident at the University, as an affected party, as is required by the Data Protection Act 2019.” Mr Kariuki assured the students.
This incident comes few moths after an unknown hacker took over Kabarak University’s Facebook page.
On the night of May 4th, questionable posts started appearing on the university’s social media platform.
Upon seizing control of the page, the hacker began posting content that contradicted the institution’s Christian principles and values.
The hacker’s fondness for super bikes was evident in their choice of posts, which included videos in foreign languages.
Vice-Chancellor Henry Kiplangat confirmed that the page was recovered after joint efforts by the university’s cyber security team and experts from Facebook’s parent company, Meta.