Monday, August 3, 2009

Ex-Unitec Student Hacks Unitec Website

In Unison
An ex-international Unitec student recently hacked into the Unitec website in protest of not being allowed back into New Zealand.

The hacker, who goes by the online name Hieupc posted a message on July 20 saying he was an international student at Unitec but didn’t get to finish his degree because his visa renewal was denied.

The Unitec website was down for two days and then on July 24 he hacked into the Auckland University website.

Hieupc, who had been studying the English language at Unitec from May until December last year, told In Unison he hacked into the sites to get his message across, stating he was set-up for fraud by a Chinese flatmate.

Hieupc says the flatmate set him up for credit card fraud, by using his TradeMe account and bank account to sell tickets he had bought with stolen credit card details.

When the fraud was linked back to Hieupc, his bank account and TradeMe accounts were closed, and the police started an investigation into the credit card fraud. By this point, the flatmate had left Auckland, and Hieupc could not contact him.

“Next days, that was terrible days for me. I couldn’t imagine that happened to me. I was so scared and I don’t want to go to a jail. I want to continue my study but it’s impossible,” Hieupc says.

He and his sister refunded the money to the TradeMe buyers which he says cost him dearly.

He says he then went back to Vietnam to take care of his sick mother in the term break, and when he went to renew his visa to come back to New Zealand, it was denied.

“That’s the end of my life, my future.”

However, a spokesperson for TradeMe and a festival organiser who was caught up in the fraud believed Hieupc admitted to the fraud.

Chris Budge, TradeMe’s Trust and Safety Manager confirmed TradeMe investigators spoke to Hieupc and his sister over the issue at the time.

He said that stolen credit cards were used to buy tickets online from Ticketek and Ticketmaster.

When the charges for the tickets came up on people’s balances, they got in touch with their banks, the tickets were cancelled and the money refunded to the card owners. It was up to Hieupc and his sister to refund the money to the TradeMe members. If they had not, a criminal complaint against Hieupc would have been considered, Mr Budge says.

Hieupc was also accused of using stolen credit cards to buy tickets for the New Years festival Phat 09.

The festival organiser Dave White says Hieupc used stolen Amex credit card numbers bought overseas to purchase Phat09 tickets. When the organisers were told about it they tracked the numbers and cancelled the tickets.

Mr White said it was a situation where everyone involved lost out.

In regards to the hacking, Hieupc says he was surprised at how easy it was to hack into the Unitec site, criticising its security levels. He found a bug on the site, and then hacked into the server.

A Unitec spokesperson said this was the first time since the websites inception in 1998 that a security breach of this sort has occurred.

Unitec responded by upgrading the current level of security to ensure there is no further re-occurrence.