Cyber Incident Victim: Midlands State University
Date:
Nov 2018
Location:
Zimbabwe
Summary
A cybersecurity breach at Midlands State University compromised its systems, prompting the indefinite postponement of Student Representative Council elections to protect electoral integrity. The institution's IT experts identified a serious security compromise, leading administrators to prioritize credible and transparent voting processes over proceeding with the scheduled elections. While the university's voting portal later displayed an ambiguous "We are back" message, the breach notice remained accessible from their main website, indicating unresolved issues. The incident disrupted campus governance activities and necessitated system safeguards before resuming electoral operations.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Midlands State University in Zimbabwe experienced a cybersecurity incident in early November 2018 that disrupted scheduled Student Representative Council elections. On November 9, 2018, the university postponed its elections through an official statement posted at http://vote.msu.ac.zw/ by Registrar E Mupfiga, citing detection of a "serious and massive security breach" by their Information Technology experts. The elections, originally planned for November 9 and November 15, were delayed indefinitely to protect electoral integrity. University leadership emphasized their obligation to conduct voting through "credible, professional and transparent" processes that accurately reflected student preferences. This breach represented a direct operational impact on university governance activities, forcing administrative intervention. The institution took immediate containment measures by suspending the electoral process while investigating the compromise. No specific technical details about the attack vector or intrusion methods were disclosed in the public statement.
By November 12, 2018, the election website displayed a minimalistic message stating "We are back" alongside the university motto, though attribution of this message remained unclear. The original postponement notice remained accessible via the university's homepage, indicating ongoing disruption to election systems. The cybersecurity incident exclusively affected election-related operations without evidence of broader network compromise or data exfiltration. University officials maintained focus on restoring electoral integrity rather than disclosing forensic findings. No threat actor claims or cryptocurrency mining connections appeared in available reporting, distinguishing this incident from contemporaneous cryptomining attacks at St. Francis Xavier University in Canada. The breach's lasting consequences included indefinite suspension of student elections and public visibility of cybersecurity vulnerabilities in academic governance systems.