[ISN] Youth charged after cracking school board database

From: InfoSec News <alerts_at_private>
Date: Wed, 3 Nov 2010 00:10:56 -0600 (CST)

By Kate Dubinski
QMI Agency
November 2, 2010

LONDON, Ont. — It'll take the London region's public school board more 
than three weeks to fix a privacy breach created in about an hour - way 
too long for a basic security feature, says one technology specialist.

London police criminally charged a 15-year-old self-described hacker 
with breaking into the Thames Valley District school board's website and 
exposing the passwords of 27,000 high school students on Oct. 23. It was 
the largest security breach in the board's history.

Ordinarily, conviction on the four charges the youth faces could lead to 
as many as 10 years in prison, depending how the Crown proceeds.

But the amount of time it's taking one of Ontario's largest school 
boards to encrypt passwords - standard operating procedure for most 
institutions, big and small - is raising some eyebrows.

"Encrypting passwords is not rocket science. It's one of the most basic 
things you can do," said Shawn Adamsson, a London computer specialist 
who has worked with technology for more than 25 years.


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
Received on Tue Nov 02 2010 - 23:10:56 PDT

This archive was generated by hypermail 2.2.0 : Tue Nov 02 2010 - 23:20:02 PDT