A group of students, acting under the pseudonym Guild of Pirates, claim to have gained access to sensitive data this week within the Guild of Students’ computer systems.
The claims were substantiated last Thursday as the group released a copy of this year’s Gradball ticket through their Twitter account @GuildofPirates, taunting: “We’ve got our gradball ticket, have you?”
On Monday, the group released another tweet under the hashtag #SecureTheGuild, purporting to have gained control over the Guild’s email server. This enabled them to send their open letter to all staff within the organisation from the CEO’s account.
The letter, available in full at guildofpirates.co.uk, alleges that “YOUR Guild of Students is failing you” as it, “fails to protect its sensitive data and services.”
Their website, outlining the groups motives and intentions, explains that the Guild’s IT infrastructure is relatively open to infiltration and accessible to anybody with a laptop, due to the widespread use of simple default passwords and “just plain negligence”.
The group’s reasoning for conducting this activity follows a proposed motion GC.2.15.8i submitted to Guild Council in February.
The motion mandates the Vice President (Democracy, Resources and Sustainability) Bethan Dovey to report back to the Guild’s democratic body with an outline of the organisation’s data back-up and network security policies. The need for this review is cited as being that the Guild holds numerous personal details of student staff and society members such as addresses, bank details, national insurance numbers and telephone numbers.
“It doesn’t fill me with much confidence that my personal details can be out in the open like that.”
Branding Guild Council as “needlessly bureaucratic and tedious,” the hackers have clearly decided to take matters into their own hands by conducting this activity. The group maintain that they have no intention of reading the files or emails of any account on the Guild’s network and that their primary motive is to encourage the Guild to bolster it’s security
Katie, a first year English and History student, said that the group “don’t seem particularly malicious.” However, she is “still concerned” that her personal information could be accessed by anybody. “It doesn’t fill me with much confidence that my personal details can be out in the open like that.”
Niall, a second year English Literature student, wonders “what a larger, more malicious organisation of hackers could do if it was so easy for a small group of students.”
As of Thursday 30 April, the Guild of Students are yet to provide a statement to BurnFM.
In the mean time, the hacktivists, claiming to be a group of “concerned students”, are expected to release further information every few days until the Guild secures its systems. In addition, they have issued an ultimatum warning that they will release the line up of this year’s Gradball should enough people follow their Twitter account before the Guild of Students has taken sufficient action.