PUP, FEU probe hacking of student portals

By Minka Klaudia Tiangco The Polytechnic University of the Philippines (PUP) and Far Eastern University confirmed on Thursday (June 18) that their student portals were hacked. Both student portals were made temporarily unavailable as the universities launched investigations into the hacking incidents. An initial probe led by the PUP-Information and Communications Technology Office (ICTO) in the hacking of the PUP Student Information System (SIS) showed that no "sensitive" user's information was "compromised" despite some of its students' personal data being leaked. In a statement, the PUP-ICTO said they have already determined the extent of the data breach and are now strengthening the information systems' security features. "The Polytechnic University of the Philippines-Information and Communications Technology Office (PUP-ICTO) has conducted an initial probe on the report that the PUP Student Information System (SIS) was hacked causing exposure of some student personal data," its statement read. "ICTO... will implement measures to further strengthen the security features of the information systems of the University," it added. Meanwhile, FEU said it tapped an external cybersecurity provider to assist them with the investigation. "We assure you that this incident is being taken seriously," its statement read. "We have... engaged the services of an external cybersecurity provider to augment our assessment and security measures." Both universities said it has informed the National Privacy Commission (NPC) of the breach in their student portals. Members of the PUP and FEU communities were also told to change their passwords and practice other precautionary measures to protect their accounts and data. Earlier this month, San Beda University also experienced a breach in its student portal, when an alleged hacker gained access to its students' personal data and released it on social media app Twitter. In a statement issued to members of the Bedan community, the university said it is already investigating the incident. It also filed a complaint before the National Bureau of Investigation-Anti-Cyber Crime Division and has informed the NPC of the hacking incident.