Cyber Incident Victim: English Language Academy of the University of Auckland

On May 18, 2015, the University of Auckland's English Language Academy (ELA) website was compromised by a group identifying as the Middle East Cyber Army. The defacement became visible when users searched for the ELA site via Google, where the search result displayed "Hacked By Middle East Cyber army" alongside the message "WE ARE MUSLIMS AND WE ARE PROUD!!!" and an Arabic phrase translating to a declaration of Islamic faith. The attack occurred over the weekend, though the exact timing of initial intrusion remains unspecified. For approximately 12 hours following the discovery, visitors attempting to access the ELA website encountered an "under maintenance" notice instead of the homepage, while the hacked message persisted in Google search listings until the morning of May 18. The website was fully restored by 10:30 AM that day. Notably, the attackers erroneously claimed responsibility for breaching "The University of the Australian" in a Facebook post preceding the incident, suggesting potential confusion about their target.

University officials confirmed the ELA website was hosted on a third-party server, emphasizing that no student data resided on the compromised system and no privacy breaches occurred. Upon being alerted to the intrusion, ELA administrators immediately took the site offline to contain the incident and initiated restoration procedures. The Middle East Cyber Army had previously targeted low-profile websites, including an Arkansas school district platform and a municipal site serving a Quebec community of fewer than 2,000 residents. The attack caused temporary disruption to ELA's online presence but did not affect academic operations or compromise institutional data systems. No further technical details regarding the attack vector, duration of unauthorized access, or specific remediation steps were disclosed by university representatives.