Our checks indicate that the page, before it was defaced, was primarily used as a financial transaction page by students to make fees payments, and there now might be a risk that students personal details as well as their payment records might have been compromised.
We can also independently confirm that the defaced page is originating from within UM’s own infrastructures, and carries a properly signed HTTPS certificate indicating that this is not a simple redirect or DNS based attack. We have reached out to UM and will update this article once we know more.
