Dark Web News Analysis
Dark web sources report a concerning data breach involving Universitas Islam Kebangsaan Indonesia (UNIKI) (uniki.ac.id). A threat actor is currently offering for sale on a hacker forum a database that allegedly contains sensitive student records. The compromised dataset is reportedly extensive and includes National Student Identification Numbers (NISN), full names, bank account numbers, bank names, phone numbers, physical addresses, and parents’ names. This breach targets the academic sector but carries significant financial implications due to the exposure of direct banking details.
Key Cybersecurity Insights
Breaches in the Indonesian education sector often serve as gateways to broader financial fraud due to the specific data points collected for tuition payments:
- Direct Financial Fraud: The exposure of Bank Account Numbers and Bank Names is the most critical risk. While a PIN is usually needed for withdrawals, this data is sufficient for direct debit fraud or for targeted phishing attacks where scammers claim to be from the university finance department to trick students into authorizing transfers.
- Identity Verification Bypass (Parents’ Names): In Indonesia, “Mother’s Maiden Name” (or parents’ names) is a standard security question for banking and government services. By leaking Parents’ Names alongside the student’s ID and bank details, attackers have the “keys” to bypass security verification at financial institutions.
- NISN Exploitation: The NISN is a lifelong educational identifier. Leaking it can compromise the student’s academic history and eligibility for government scholarships or grants, as attackers could potentially alter records or impersonate the student in national education databases.
- Family-Targeted Phishing: The combination of Student Names and Parents’ Names allows for “virtual kidnapping” scams or fake emergency calls. Scammers can call parents using the leaked phone numbers, claiming their child (identified by name) has been in an accident at the university and demanding immediate payment for medical treatment.
Mitigation Strategies
To protect the students and the institution’s integrity, the following strategies are recommended:
- Financial Monitoring: Students and parents should be advised to monitor the specific bank accounts linked to the university for unauthorized direct debits or suspicious small transactions (often used to test valid accounts).
- Security Question Update: Affected individuals should contact their banks to update their security questions, specifically ensuring that “Mother’s Maiden Name” is no longer the sole method of verification.
- Credential Monitoring: Implement monitoring to see if university email addresses are appearing in other breaches. If students reuse their portal passwords for their banking apps, the risk is compounded.
- Infrastructure Audit: Conduct a thorough security audit of the uniki.ac.id web applications and database access logs to identify the vulnerability (e.g., SQL Injection) that allowed this exfiltration and patch it immediately.
Questions or Feedback?
For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com