CMU says hacker broke into (Tepper School of Business) computers

  • From: Educational CyberPlayGround <admin@xxxxxxxxxxxxxxx>
  • To: nethappenings@xxxxxxxxxxxxx
  • Date: Thu, 21 Apr 2005 14:48:10 -0400

**************************************************************
Welcome to Nethappenings the Internet's 
largest and oldest K12 Education Mailing List 
exploring and using the World Wide Web. 
Founded by Gleason Sackmann and now Moderated by
Karen Ellis of the Educational CyberPlayGround.

NetHappenings Mailing List ©1993
-- Subscribe - Unsubscribe - Set Preferences
http://www.edu-cyberpg.com/Community/NetHappenings.html

Advertise on Nethappenings
http://www.edu-cyberpg.com/Community/Subguidelines.html

Educational CyberPlayGround Community Mailing Lists
http://www.edu-cyberpg.com/Community/
**************************************************************


**************************************************************************
Educational CyberPlayGround links to Technology
<http://www.edu-cyberpg.com/Technology/Home_TECHNOLOGY.html>

Find Information on Security for
Teachers, Administrators, Ed. Tech, and Classroom Resources
http://www.edu-cyberpg.com/Technology/SECURITY.html

ARE YOU CRANKY? SCANKY? ARE YOU INFECTED??

Everyone Needs Security Information
http://www.edu-cyberpg.com/Technology/SECURITY.html

FREE and it checks your computer to see if you're
vulnerable and/or have been infected by a virus or Trojan Horse.
******************************************************************

CMU says hacker broke into computers
More than 5,000 alerted to possible identity thefts
Thursday, April 21, 2005
  By Bill Schackner, Pittsburgh Post-Gazette
http://www.postgazette.com/pg/05111/491836.stm

  A hacker who tapped into business school computers at Carnegie Mellon
University may have compromised sensitive personal data belonging to 5,000
to 6,000 graduate students, staff, alumni and others, officials said
yesterday.


For information

  The school is directing those potentially affected to a Web site for tips
in protecting themselves. It also is offering them a phone link,
1-800-226-8258, to obtain information.


  The breach confirmed by officials in the Tepper School of Business is the
latest in a recent string of campus computer break-ins nationally and the
second since early March affecting Tepper.

  There is no evidence that any data, including Social Security and credit
card numbers, have been misused, officials said. But they have begun sending
e-mails and letters alerting those affected.

  They include graduate students and graduate degree alumni from 1997 to
2004, master's of business administration applicants from September 2002
through May 2004, doctoral applicants from 2003 to this year, and
participants in a conference that was being arranged by the school's staff.

  The intrusion occurred April 10 but was not disclosed until late yesterday
so Tepper could notify potential victims, school spokesman Mike Laffin said.

  Officials offered few details but said it appeared someone from outside the
university gained entry to Tepper's computers.

  A security specialist working for Tepper noticed unusual activity coming
from one computer about 10 p.m. on April 10. That machine and others were
taken offline.

  "After a few days of investigating we determined that it did involve more
than one computer," Laffin said.

  "We can't get into specifics about what we know about the intrusion because
we're concerned that it would be providing information that could make other
environments unsafe," he said.

  "We wanted to make sure our constituencies are aware of the situation and
that they take steps to protect their privacy.

  "Appropriate law enforcement agencies will be contacted," Laffin added.

  The case is the latest in a spate of college computer breaches that have
added to concerns about the safety of a growing mountain of data kept
online.

  Last month, Tepper and other business schools punished applicants who
hacked into computerized admissions data trying to learn if they had been
accepted. In all, 150 breaches were reported involving Tepper and applicants
to Harvard, Stanford and Duke universities, as well as the Massachusetts
Institute of Technology and Dartmouth College.

  Those students took advantage of a security vulnerability on a site
maintained by Virginia-based ApplyYourself Inc., which manages admission
data for the schools.

  The same month as those breaches, the theft of a laptop with names and
Social Security numbers of 98,000 individuals, predominantly graduate
students, was reported by police at the University of California at
Berkeley.

  Officials also have been monitoring reported breaches in recent weeks
involving fund-raising or other data affecting Tufts University in Boston
and Northwestern University's Kellogg School of Management in Evanston,
Ill., among others.

  Worries about cyber attacks also led The National Science Foundation on
April 11 to announce formation of a new center aimed at better safeguarding
computer data. The center, led by Berkeley, includes Carnegie Mellon and
seven other schools and is called the Team for Research in Ubiquitous Secure
Technology, or TRUST.

  John Mitchell, a computer security expert at Stanford who is involved in
the project, said researchers at his school have observed a sharp rise
nationally in Web-based identity thefts, including those involving financial
data, over the last two years.

<snip>

(Bill Schackner can be reached at bschackner@xxxxxxxxxxxxxxxx or
412-263-1977.)

<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
EDUCATIONAL CYBERPLAYGROUND 
http://www.edu-cyberpg.com

Copyright statements to be included when reproducing
annotations from Nethappenings.

The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format.

> From NetHappenings copyright
> Educational CyberPlayGround.
http://www.edu-cyberpg.com/Community/NetHappenings.html

Net Happenings, K12 Newsletters, Network Newsletters
http://www.edu-cyberpg.com/Community/

FREE EDUCATION VENDOR DIRECTORY LISTING
http://www.edu-cyberpg.com/Directory/

HOT LIST REGISTRY OF K12 SCHOOLS ONLINE
http://www.edu-cyberpg.com/Schools/
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>

Other related posts:

  • » CMU says hacker broke into (Tepper School of Business) computers
  1. Home
  2. nethappenings
  3. Archive
  4. 04-2005