http://www.thekansascitychannel.com/technology/2764780/detail.html January 14, 2004 KANSAS CITY, Mo. -- A hacker broke into the University of Missouri-Kansas City computer security system, compromising the passwords of about 17,000 students, staff and faculty. The school's Internet system was temporarily shut down Monday as students returned from holiday break. Users were required to change their passwords. The hacker downloaded an encrypted file containing passwords for university e-mail accounts, but there was no evidence other files had been tampered with, said Tom Brenneman, interim director of information services at UMKC. "We are confident that we have stopped any and all problems with this," he said. The FBI is investigating the security breach. UMKC employs a "single-sign-on" system designed to make it easier to use several university services with the same username and password. The computer system allows a person with an e-mail password to access financial information, human-resources records and student grades. Officials would not give specifics about when the breach occurred and the hacker downloaded the passwords. Faculty, staff and students were told late Monday the breach was "discovered" earlier that day. But an internal memo obtained by The Kansas City Star said the first sign of a possible breach occurred Thursday evening, four days earlier. Officials did not react until another incident was detected in the computer logs around midnight Sunday. "That's when we immediately decided to shut down the Internet and change all the passwords," Brenneman said. He said the hackers likely did not have time to unscramble the encrypted passwords before the intrusion was discovered. But independent computer security officials say a four-day span could give hackers enough time to unscramble them and use the passwords to access information. "If someone got that file and knew what they were doing, they could get working passwords, if they had it four days," said Gary Fish, head of Kansas City-based Fishnet Security Systems. The security breach occurred on a Windows-based computer that authenticates the university's Microsoft Exchange e-mail. Mary Lou Hines, vice provost for strategic partnerships for UMKC, alerted the campus community late Monday to the break-in and said the password file had been copied. She assured faculty, staff and students that the file was encrypted but added, "it has been demonstrated that these files can be cracked once they are in the hands of the hacker." Officials said they were pleased that new security monitoring software placed on the system had alerted them to the breach. Brenneman stressed the system was secure. - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Jan 15 2004 - 05:57:42 PST