[ISN] OU upholds firings over computer breaches

From: InfoSec News (alerts@private)
Date: Fri Nov 17 2006 - 02:10:26 PST


http://www.columbusdispatch.com/news-story.php?story=227147

By Randy Ludlow
The Columbus Dispatch
November 16, 2006

Two Ohio University computer-systems administrators blamed for hacking 
incidents will receive neither apologies nor their jobs back.

Provost Kathy Krendel, rejecting a grievance committee's recommendation 
to reinstate the men with back pay, has upheld the dismissal of Todd 
Acheson and Tom Reid.

William Sams, departing associate provost for information technology, 
blamed the pair for the theft of 367,000 files with personal information 
on OU alumni, students and staff.

An Administrative Senate committee, blaming other OU officials for 
failing to clarify responsibilities for computer security, last month 
found Acheson and Reid were wrongfully fired.

Krendl decided Wednesday to endorse the dismissal of Reid, director of 
computer and network services, and Acheson, Internet and systems 
manager. They were fired Aug. 4.

While finding neither guilty of intentional wrongdoing, Krendl wrote to 
the men that they failed to take the necessary proactive steps to 
protect confidential information.

Two Columbus lawyers representing the men criticized Krendl for casting 
aside the findings of what they said was the only independent group to 
study the high-profile hacking incidents.

The provost has turned this into a kangaroo proceeding, said Fred 
Gittes, who represents Acheson. He said Krendl's action was designed to 
cover up the incompetence of OU administrators who made scapegoats of 
Acheson and Reid.

James Colner, who represents Reid, was disappointed that OU officials 
did not take this opportunity to do the right thing and correct this 
miscarriage of justice.

OU accidentally discovered last spring that hackers had been tapping 
computer servers at the Athens university, raising concerns about 
identity theft.

An alumni database containing Social Security numbers and other personal 
information was unsecured for more than a year. Hackers also accessed 
medical information on students and staff.

OU since has reorganized its computer operations amid a security and 
equipment upgrade that will cost up to $8 million.


_________________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 



This archive was generated by hypermail 2.1.3 : Fri Nov 17 2006 - 02:33:29 PST