[ISN] Hackers Break Into GSAS Computer Network, Post Protected Content to Downloading Web Site

From: InfoSec News (alerts@private)
Date: Wed Feb 20 2008 - 23:00:21 PST


http://www.thecrimson.com/article.aspx?ref=521958

By ABBY D. PHILLIP
Crimson Staff Writer
February 19, 2008

Hackers broke into the Web site of the Graduate School of Arts and 
Sciences this weekend and posted secure information to an online 
peer-to-peer network.

The user kaboom73 uploaded the 125-megabyte filewhich contained the site 
administrators secure user name and password, a back-up of the sites 
server, site databases, and contact databasesto the torrent site Pirate 
Bay on Saturday.

At 8 p.m. yesterday evening, 30 seeders were distributing the files 
while 16 leechers were downloading them.

Likely in response to this breach, the GSAS site was shut down.

The Faculty of Arts and Sciences (FAS) Information Technology office 
could not be reached for comment.

The uploaded file was accompanied by a message from the sites hacker 
stating that the information was released to expose the vulnerability of 
Harvards servers.

Maybe you dont like it but this is to demonstrate that persons like [the 
site administrator]...dont know how to secure a web site, the message 
read in broken English.

Thomas Gatton, FAS systems administrator and user support specialist, 
could not be reached for comment.

The weekends incident was described as a major security breach by the 
Web site Torrentfreak.com, which first reported the incident.

FAS servers were breached multiple times in the summer of 2003 in 
episodes that were traced to Brazilian hackers.

Hackers again broke into university Web sites in 2005, when they 
distributed secure admissions information from top business schools, 
including Harvard Business School.

Staff writer Abby D. Phillip can be reached at adphill (at) 
fas.harvard.edu.

Copyright 2008, The Harvard Crimson, Inc.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Wed Feb 20 2008 - 23:05:44 PST