The Massey University intranet system utilised by students from all across New Zealand, MyMassey, is under scrutiny after a severe breach of security left thousands of students able to access other people’s highly sensitive information.
Rawa Karetai, President of the Albany Students’ Association, was one of the first students to notice this critical error: “I was first made aware that the website www.mymassey.com started giving out personal information about other students at about 10.40pm. I immediately went and found a computer that was free and started to check to see if I was experiencing the same issues.”
Karetai, like many other students, now had access to a variety of highly sensitive personal information that was not his own. Information at his disposal included, but was not limited to, the following: Massey ID numbers; Full names; Date of Birth; IRD Number; Academic transcripts as well as contact addresses and phone numbers. Students who had discovered this fault were also able sign the person whose information they could now access up for new papers or amend any of their contact details.
Read more on voxy.co.nz