[ISN] Hackers strike Georgia Tech computer, gain credit card data

From: InfoSec News (isnat_private)
Date: Mon Mar 31 2003 - 02:28:21 PST


    http://www.accessatlanta.com/ajc/business/0303/28hacker.html
    
    By BILL HUSTED 
    The Atlanta Journal-Constitution 
    3/28/03
    
    Computer hackers invaded a computer at Georgia Tech and copied names,
    addresses and -- in some cases -- credit card information for 57,000
    patrons of the Ferst Center for the Arts.
    
    Tech said the database held credit card records for about two-thirds
    of the 57,000 people. Some cards had expired. The hackers had access
    to the computer between Feb. 4 and March 14, when the attack was
    discovered.
    
    Ferst is an entertainment venue that offers concerts, recitals,
    lectures, dance, film and theater to the public.
    
    There's no evidence any credit card numbers have been used by hackers.  
    Tech sent letters to patrons this week warning of "a potentially
    serious security breach." The letter advised them to check with credit
    reporting agencies and credit card companies to make sure their
    information is not being used fraudulently.
    
    Tech's computer security experts discovered the attack through
    internal monitoring, said Bob Harty, a Tech spokesman. It used a
    tactic known as "denial of service." Once hackers invade a networked
    computer, they can take control of it and use it to overload Web sites
    and other computers with data.
    
    The same stealthy program that lets hackers control the computer -- a
    so-called Trojan horse -- provides a secret back door into the
    computer and its contents.
    
    Tech said its experts believe hackers did not immediately copy
    customer records.
    
    "As best we can tell, we think nothing happened until March," Harty
    said.
    
    Tech is nationally recognized for engineering and computer technology.  
    Harty admitted: "It is always tough to go public. There is much
    chagrin here. We are not happy about it all."
    
    Tech admitted the Ferst Center computer was lost in the shuffle after
    control of it was transferred from one department to another. It was
    not protected by a firewall, something that even home users often do.  
    It had not recently had its security software updated. As a result of
    the incident, a security survey is being made to find any other
    unprotected computers.
    
    Harty said Tech could have simply notified credit card companies and
    not patrons. He said credit card companies would have notified
    customers of the problem, but "frankly they would have not identified
    the source of the problem."
    
    Tech has told the GBI and FBI about the break-in. Harty said there are
    no suspects, and "it is our understanding that it was someone not in
    this country. I would prefer not to get too specific."
    
    Chris Rouland of Atlanta-based Internet Security Systems said hackers
    specializing in "extracting financial information" seem to be
    concentrated in South Korea, Eastern Europe and the former Soviet
    republics. Based on similar crimes, Rouland offers little hope of an
    arrest.
    
    Rouland wasn't surprised by the attack, even at an institution like
    Tech.
    
    "We find if you plug a computer into the Internet without protection
    it will generally be hijacked within four hours," he said. Rouland
    said universities are especially desirable targets because they offer
    a lot of computer bandwidth for hackers to use.
    
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    


