First Macau government, now Hong Kong University falls victim to cyberattack
Hackers hit thousands of students and staff e-mail accounts and may have mined sensitive information such as salaries and exam grades
The University of Hong Kong has become the latest victim of a major cyberattack after hackers targeted thousands of its online accounts belonging to staff and students.
Data such as student grades and staff salaries may have been accessed by hackers, but the full extent of the attack is still being investigated. This comes less than a week after Macau's Chief Executive Dr Fernando Chui Sai-on revealed his government's e-mail accounts had been attacked by hackers in Hong Kong and the United States.
HKU staff detected the attack on Tuesday during a routine security scan of the university's online platforms, noticing "some Trojan hacking software" that mined usernames and passwords. IT staff immediately stepped up cybersecurity efforts to halt the attack on the HKU Portal - the university's gateway to two comprehensive databases covering all its students and staff.
"We took immediate action to remove the hacking software and took measures to prevent further hacking," said an HKU spokeswoman. A total of 3,676 e-mail accounts were compromised. An e-mail alert on Wednesday afternoon was sent to the victims: 1,976 graduates, 1,261 staff, 118 students, 62 retirees. Some 259 administrative accounts were also hacked.
We took immediate action to remove the hacking software and took measures to prevent further hacking
The spokeswoman said the affected accounts were suspended and users were asked to change their passwords before they could re-activate their accounts so as to stop further unauthorised access.