http://www.accessatlanta.com/ajc/business/0303/28hacker.html By BILL HUSTED The Atlanta Journal-Constitution 3/28/03 Computer hackers invaded a computer at Georgia Tech and copied names, addresses and -- in some cases -- credit card information for 57,000 patrons of the Ferst Center for the Arts. Tech said the database held credit card records for about two-thirds of the 57,000 people. Some cards had expired. The hackers had access to the computer between Feb. 4 and March 14, when the attack was discovered. Ferst is an entertainment venue that offers concerts, recitals, lectures, dance, film and theater to the public. There's no evidence any credit card numbers have been used by hackers. Tech sent letters to patrons this week warning of "a potentially serious security breach." The letter advised them to check with credit reporting agencies and credit card companies to make sure their information is not being used fraudulently. Tech's computer security experts discovered the attack through internal monitoring, said Bob Harty, a Tech spokesman. It used a tactic known as "denial of service." Once hackers invade a networked computer, they can take control of it and use it to overload Web sites and other computers with data. The same stealthy program that lets hackers control the computer -- a so-called Trojan horse -- provides a secret back door into the computer and its contents. Tech said its experts believe hackers did not immediately copy customer records. "As best we can tell, we think nothing happened until March," Harty said. Tech is nationally recognized for engineering and computer technology. Harty admitted: "It is always tough to go public. There is much chagrin here. We are not happy about it all." Tech admitted the Ferst Center computer was lost in the shuffle after control of it was transferred from one department to another. It was not protected by a firewall, something that even home users often do. It had not recently had its security software updated. As a result of the incident, a security survey is being made to find any other unprotected computers. Harty said Tech could have simply notified credit card companies and not patrons. He said credit card companies would have notified customers of the problem, but "frankly they would have not identified the source of the problem." Tech has told the GBI and FBI about the break-in. Harty said there are no suspects, and "it is our understanding that it was someone not in this country. I would prefer not to get too specific." Chris Rouland of Atlanta-based Internet Security Systems said hackers specializing in "extracting financial information" seem to be concentrated in South Korea, Eastern Europe and the former Soviet republics. Based on similar crimes, Rouland offers little hope of an arrest. Rouland wasn't surprised by the attack, even at a institution like Tech. "We find if you plug a computer into the Internet without protection it will generally be hijacked within four hours," he said. Rouland said universities are especially desirable targets because they offer a lot of computer bandwidth for hackers to use. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Mar 31 2003 - 05:04:12 PST