H4D3Z, a newcomer hacker that we only identified earlier this month, moved his target from a government website to educational institutions. His latest victims – Our Lady of Fatima University and STI Caloocan.

The website of STI Caloocan, particularly the OJT- assiSTI page of their domain, has been compromised by H4D3Z by inserting a page as if marking his territory in the domain.

OJT-assiSTI is a platform of STI Caloocan that lets them track the progress of their students who are undergoing internship. Based on the available information online, students can check for any available on-the-job (OJT) offerings and the school’s partner companies. They can also upload their resumes and get details of their adviser via the portal. Other documents and requirements for their OJTs are also available on the website that can be accessed via a mobile app too.

Given the amount of personal information stored on this compromised page, H4D3Z could’ve done more serious activities other than defacing it. Although we don’t have any proof yet that the hacker got hold of any personal information, STI Caloocan’s data protection officer must look into this possible data breach and have it coordinated with the National Privacy Commission.

On the other hand, the website of another school, Our Lady of Fatima University (OLFU) was also targetted by H4D3Z. At first, visitors won’t notice any unusual on the website. The homepage still looks exactly fine. However, choosing any of the school’s campuses would redirect you to a simple message from the same hacker – H4D3Z.

There were no indications that H4D3Z did more damaging attacks on both websites. It could just be that he’s just playing around and practicing his scripts across random websites. But who knows? This should still not be taken lightly.

Fjordan Allego
Follow me

Related Posts:

By Fjordan Allego

Fjordan Allego aka Fjordz is an IT security practitioner in the Philippines. He maintains a couple of blogs where he shares his views on various topics that he finds interesting. A self-confessed introvert who's mostly active in social media, Fjordz also loves to travel and explore the wonders of the world.

One thought on “OLFU, STI Caloocan websites compromised”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.