Former Student Charged in Texas A&M Breach that Affected 130,000
Technorati Tag: Security Breach
Date Reported:
9/6/07
Organization:
Texas A&M University
Contractor/Consultant:
None
Victims:
Current and former students, faculty and staff members.
Number Affected:
88,000 130,000 (updated 9/13/07)
Types of Data:
Name, email account, campus wireless access, student records, course management, and grade books.
Breach Description:
A recent computer science graduate has been charged with hacking into Texas A&M's computer system and illegally accessing information on 88,000 students, faculty and staff members.
Reference URL:
http://www.guardian.co.uk/worldlatest/story/0,,-6902530,00.html
http://www.chron.com/disp/story.mpl/ap/tx/5113975.html
Report Credit:
Monica Rhor, Associated Press
Response:
From the online articles depicted above:
"In late February, A&M officials detected a breach in a server that contains log-ins and passwords used by students, faculty and staff, said according to Pierce Cantrell Jr., vice president and associate provost for information technology."
"The passwords could be used to access email, campus wireless access, and a link where student can view their records online, Cantrell said. The log-ins are also used by faculty members for campus email, course management and grade books."
"Social Security numbers and bank account numbers were not accessed, and the breach did not allow entry into the school's financial system or payroll, A&M officials said. No unauthorized changes to the records have been found either, said Cantrell."
"The university has added new safeguards to the system."
Commentary:
University computer systems are typically among the easiest to hack due to the open nature and mentality of college campuses. Many universities also lack the proper experienced staff for a variety of reasons. This breach could have been much worse (and might actually be).
Past Breaches:
None
Date Reported:
9/6/07
Organization:
Texas A&M University
Contractor/Consultant:
None
Victims:
Current and former students, faculty and staff members.
Number Affected:
Types of Data:
Name, email account, campus wireless access, student records, course management, and grade books.
Breach Description:
A recent computer science graduate has been charged with hacking into Texas A&M's computer system and illegally accessing information on 88,000 students, faculty and staff members.
Reference URL:
http://www.guardian.co.uk/worldlatest/story/0,,-6902530,00.html
http://www.chron.com/disp/story.mpl/ap/tx/5113975.html
Report Credit:
Monica Rhor, Associated Press
Response:
From the online articles depicted above:
"In late February, A&M officials detected a breach in a server that contains log-ins and passwords used by students, faculty and staff, said according to Pierce Cantrell Jr., vice president and associate provost for information technology."
"The passwords could be used to access email, campus wireless access, and a link where student can view their records online, Cantrell said. The log-ins are also used by faculty members for campus email, course management and grade books."
"Social Security numbers and bank account numbers were not accessed, and the breach did not allow entry into the school's financial system or payroll, A&M officials said. No unauthorized changes to the records have been found either, said Cantrell."
"The university has added new safeguards to the system."
Commentary:
University computer systems are typically among the easiest to hack due to the open nature and mentality of college campuses. Many universities also lack the proper experienced staff for a variety of reasons. This breach could have been much worse (and might actually be).
Past Breaches:
None
Posts Atom 1.0
CONVICTED:
"A Texas A&M University computer science graduate was convicted Wednesday of hacking into the A&M computer system and stealing more than 130,000 student and employee user names and passwords, federal authorities said."
Story here: http://www.theeagle.com/stories/091307/am_20070913051.php
Can you change the number affected to 130,000?
Reply to this
That is the university's problem. They've known about the existence of this problem and still they didn't hire no one specialized in this. I don't blame the kid.. and I'm sure his not the only one doing this.
Reply to this
I agree that it is the university's fault not the kid's really.
Reply to this