AS we were scanning through the cyberspace we tested the vulnerability of Bulawayo Polytechnic College campus portal.
This serves to notify you that your educational portal is completely insecure and we would like to take you through the vulnerabilities that can be exploited by a basic information and communications technology person.
We were able to enter your system without a username and password as a student and we can also enter your lecturers’ portal without a username and a password.
With this kind of vulnerabilities, students can change their grades or do anything with your respective system that has a long-term repercussion on their education. Attached is proof that we were able to enter the system with ease and imagine if we were cyber criminals what would have happened?
To introduce myself, Jacob Kudzayi Mutisi, I am an information and communications technology professional and the current ICT chair for the Zimbabwe Institution of Engineers, chairperson of the Zimbabwe Internet Service Providers Association and chief executive officer of Hansole Investments which is a leading ICT company in Zimbabwe.
This letter serves to inform you that this is an urgent matter which will need your urgent attention.
We are prepared to demonstrate these vulnerabilities through a Zoom meeting since we are in Harare and provide possible solutions that will protect your portal system. -Jacob Kudzayi Mutisi
