The following message is circulating in a university Facebook group, which says that the Neptun system of the University of Debrecen is as easy to hack as it is the systems of ELTE, Corvinus, Óbuda, Miskolc or Pécs universities. It is possible that the attacker had access to the profile of a university lecturer in Debrecen, from where he/she sent at least 50 students a message.
In response to Debrecen Sun’s inquiry, the University of Debrecen acknowledged the fact of the attack in the following statement:
The University of Debrecen was also affected by a series of IT attacks affecting the study system of domestic higher education institutions. On the evening of Monday, May 1, a hacker accessed the Neptun system using an acquired lecturer’s ID, from which he sent a political message to the students. Thanks to the previously introduced preventive measures, the message reached only a minimal number of recipients.
In his message, the attacker admitted that he was unable to work with the method previously used at another university, so the sent message only reached a part of the students and was available as an internal message within Neptun for only one hour. After that, the entire system was shut down for a security check, and the university’s IT specialists reconnected it the next morning, Tuesday, May 2. The electronic study system works as intended, it fulfills the basic function (examination registration, registration of achievements). Instead of Neptun’s internal messaging service, the university’s educational units keep in touch with students through other usual channels.
The institution notified the computer security incident response team of the National Cyber Protection Institute about the incident and will take the necessary legal steps.
Responding to the situation, the University of Debrecen further tightens its information security protocols, implements further developments, and does everything to ensure that the data and intellectual products of the institution’s students, instructors, researchers, and employees, as well as the critical IT systems used, are safe. In the future, this will result in security measures being raised to a higher level, affecting users as well. At the same time, the University of Debrecen condemns all forms of violence and incitement to hatred, including cybercrime that endangers IT and data security, which complicates the work and everyday life of university citizens.
– the Press Center of the University of Debrecen informed our portal.