Bhubaneswar, April 21: The e-admission portal of Utkal University that facilitates admission to postgraduate, MPhil, MTech and PhD courses was shut down today.
Security issues had made the website vulnerable to hackers and it was alleged the portal had compromised on security that led to the free access of all personal data being entered by the applicants such as their address, date of birth, mobile phone number, caste and residence certificates.
The university authorities said they were aware of the problem and were trying to fix the issue at the earliest.
"We have received the information. This serious lapse possibly occurred during the initial maintenance period when the data was downloaded. However, we have asked the vendor to shut down the website until the problem is completely solved," said vice-chancellor A.K. Das.
The varsity authorities have initiated an investigation into the matter.
"We will thoroughly probe the matter and hand it over to the cyber police if required," the vice-chancellor said.
Experts and professional hackers had expressed concern over the fact that most information updated by the candidates on the university's e- admission website lack sufficient security.
The "virtual directory listing" enabled on the admission portal had apparently exposed all personal information including name, address details, photos and certificates on the website and anyone with basic computer knowledge can easily access these and misuse the information.
"When an applicant is sharing his/her identifiable information with the university for his/her admission, the varsity authorities are expected not to share the same with any third party without the prior permission of the applicant," said an IT professional.
"This is how privacy compromises take place," said the IT professional.
"It is very likely that the user had chosen the date of birth or place of birth or mother's maiden name as his/her security question for few other online services. This simple scenario points to the vulnerability of exposing personal information unknowingly," said a hacker requesting anonymity.
"The concept of privacy is simple. No one should be able to observe personal details about a person without his or her knowledge and it needs to be protected," said the hacker.
The development has worried the student community who are feeling cynical about their information being misused."Utkal University must not compromise on security of the servers even if it means spending more money. When there are daily reports of terrorist acts, our information could be used without our knowledge and innocents might land up in jail," said Jyotsna Panigrahi, a student.
