[ISN] Hackers break into CDC's Web site

From: InfoSec News (alerts@private)
Date: Mon Feb 05 2007 - 23:19:57 PST


The Atlanta Journal-Constitution

Computer hackers tapped into a Web site at the Centers for Disease 
Control and Prevention last week, planting a virus that has possibly 
infected computers used by people who visited the site, agency officials 

CDC's podcast site, www.cdc.gov/podcasts, which contains audio and video 
on a variety of public health topics, has been taken off the agency's 
Web site and is expected to be down for at least a few days.

"At this time, CDC does not have any evidence that sensitive information 
has been compromised in any way. However, it is possible that computers 
used by visitors to CDC's site may have been infected with a computer 
virus," the agency said in a news item posted Saturday evening at 

"Users that visited the site Thursday morning should ensure their 
computer has been scanned for viruses."

The Atlanta-based agency became aware on Thursday morning that the 
podcast site had been hacked, the news release said.

"As a precaution, CDC has removed the Podcast site and we anticipate the 
site will be down for the next few days. We are working to make sure the 
Podcast site is safe, and we will repost it in a few days," the agency 

"The virus entered the system Thursday morning and within just a few 
hours we had deactivated the site," CDC spokesman Tom Skinner said. 
During that window of time, the CDC estimates there were "several 
hundred" visits to the podcasts Web site, he said. Skinner said he did 
not have any information Sunday about the nature of the virus.

"The investigation is ongoing, but we believe if there is going to be a 
problem, hopefully it will be limited in scope because of the fact we 
were able to detect the virus and take the site down," Skinner said.

Since CDC launched its podcasts Web site in July, the podcasts homepage 
has received 40,000 visits, Skinner said. Information about how many 
podcast subscribers and users may be affected by the site being down was 
unavailable Sunday.

Subscribe to the InfoSec News RSS Feed

This archive was generated by hypermail 2.1.3 : Mon Feb 05 2007 - 23:32:36 PST