[ISN] Hacker exposes financial information at Georgia Tech

From: InfoSec News (isnat_private)
Date: Mon Mar 18 2002 - 23:36:57 PST

  • Next message: InfoSec News: "RE: [ISN] Personnel Shortage Hindering Net Security"

    http://www.computerworld.com/storyba/0,4125,NAV47_STO69213,00.html
    
    By BRIAN SULLIVAN 
    March 18, 2002
    
    State and federal authorities are investigating a hack into a computer
    server at the Atlanta-based Georgia Institute of Technology (Georgia
    Tech) last week.
    
    An undetermined number of employee financial records and university
    credit card numbers could have been exposed when the server was hacked
    last week, institute spokesman Bob Hardy said this afternoon.
    
    The university has created a special Web site for employees and other
    members of the community explaining what to do to protect themselves,
    although Hardy stressed that no student or alumni records were exposed
    in the attack.
    
    The server that was hacked into contained reimbursement records for
    employees, some of which contained credit card information, and the
    records for university credit accounts used to pay for "petty cash"  
    type purchases by university departments for transactions processed
    during the past 20 months.
    
    All banks and credit card companies have been told about the exposure;  
    all university credit cards have been cancelled and are being
    reissued, Hardy said.
    
    Georgia Tech's webmaster discovered the break-in on March 11 when he
    noticed that the logs for the server had been erased sometime early on
    March 10. Research conducted by the institute's IT department showed
    that there had been a large spike in activity on the server over the
    weekend. Hardy said IT officials theorize that someone on the outside
    used the server to download and then upload a large number of files.  
    They think that the hacker probably parked a movie or other large
    files on the server and then let his or her friends know where they
    could download the information. Following this process, the
    information was taken off the server and the logs erased.
    
    Hardy said he believes that Georgia Tech was a target because
    universities, because of the nature of their business, are somewhat
    open and known to offer a lot of Internet bandwidth. Since the attack,
    access to the server has been strictly limited, he said.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Mar 19 2002 - 02:08:49 PST