************************************************************** Welcome to Nethappenings the Internet's largest and oldest K12 Education Mailing List exploring and using the World Wide Web. Founded by Gleason Sackmann and now Moderated by Karen Ellis of the Educational CyberPlayGround. NetHappenings Mailing List ©1993 -- Subscribe - Unsubscribe - Set Preferences http://www.edu-cyberpg.com/Community/NetHappenings.html Advertise on Nethappenings http://www.edu-cyberpg.com/Community/Subguidelines.html Educational CyberPlayGround Community Mailing Lists http://www.edu-cyberpg.com/Community/ ************************************************************** ************************************************************************** Educational CyberPlayGround links to Technology <http://www.edu-cyberpg.com/Technology/Home_TECHNOLOGY.html> Find Information on Security for Teachers, Administrators, Ed. Tech, and Classroom Resources http://www.edu-cyberpg.com/Technology/SECURITY.html ARE YOU CRANKY? SCANKY? ARE YOU INFECTED?? Everyone Needs Security Information http://www.edu-cyberpg.com/Technology/SECURITY.html FREE and it checks your computer to see if you're vulnerable and/or have been infected by a virus or Trojan Horse. ****************************************************************** CMU says hacker broke into computers More than 5,000 alerted to possible identity thefts Thursday, April 21, 2005 By Bill Schackner, Pittsburgh Post-Gazette http://www.postgazette.com/pg/05111/491836.stm A hacker who tapped into business school computers at Carnegie Mellon University may have compromised sensitive personal data belonging to 5,000 to 6,000 graduate students, staff, alumni and others, officials said yesterday. For information The school is directing those potentially affected to a Web site for tips in protecting themselves. It also is offering them a phone link, 1-800-226-8258, to obtain information. The breach confirmed by officials in the Tepper School of Business is the latest in a recent string of campus computer break-ins nationally and the second since early March affecting Tepper. There is no evidence that any data, including Social Security and credit card numbers, have been misused, officials said. But they have begun sending e-mails and letters alerting those affected. They include graduate students and graduate degree alumni from 1997 to 2004, master's of business administration applicants from September 2002 through May 2004, doctoral applicants from 2003 to this year, and participants in a conference that was being arranged by the school's staff. The intrusion occurred April 10 but was not disclosed until late yesterday so Tepper could notify potential victims, school spokesman Mike Laffin said. Officials offered few details but said it appeared someone from outside the university gained entry to Tepper's computers. A security specialist working for Tepper noticed unusual activity coming from one computer about 10 p.m. on April 10. That machine and others were taken offline. "After a few days of investigating we determined that it did involve more than one computer," Laffin said. "We can't get into specifics about what we know about the intrusion because we're concerned that it would be providing information that could make other environments unsafe," he said. "We wanted to make sure our constituencies are aware of the situation and that they take steps to protect their privacy. "Appropriate law enforcement agencies will be contacted," Laffin added. The case is the latest in a spate of college computer breaches that have added to concerns about the safety of a growing mountain of data kept online. Last month, Tepper and other business schools punished applicants who hacked into computerized admissions data trying to learn if they had been accepted. In all, 150 breaches were reported involving Tepper and applicants to Harvard, Stanford and Duke universities, as well as the Massachusetts Institute of Technology and Dartmouth College. Those students took advantage of a security vulnerability on a site maintained by Virginia-based ApplyYourself Inc., which manages admission data for the schools. The same month as those breaches, the theft of a laptop with names and Social Security numbers of 98,000 individuals, predominantly graduate students, was reported by police at the University of California at Berkeley. Officials also have been monitoring reported breaches in recent weeks involving fund-raising or other data affecting Tufts University in Boston and Northwestern University's Kellogg School of Management in Evanston, Ill., among others. Worries about cyber attacks also led The National Science Foundation on April 11 to announce formation of a new center aimed at better safeguarding computer data. The center, led by Berkeley, includes Carnegie Mellon and seven other schools and is called the Team for Research in Ubiquitous Secure Technology, or TRUST. John Mitchell, a computer security expert at Stanford who is involved in the project, said researchers at his school have observed a sharp rise nationally in Web-based identity thefts, including those involving financial data, over the last two years. <snip> (Bill Schackner can be reached at bschackner@xxxxxxxxxxxxxxxx or 412-263-1977.) <>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<> EDUCATIONAL CYBERPLAYGROUND http://www.edu-cyberpg.com Copyright statements to be included when reproducing annotations from Nethappenings. The single phrase below is the copyright notice to be used when reproducing any portion of this report, in any format. > From NetHappenings copyright > Educational CyberPlayGround. http://www.edu-cyberpg.com/Community/NetHappenings.html Net Happenings, K12 Newsletters, Network Newsletters http://www.edu-cyberpg.com/Community/ FREE EDUCATION VENDOR DIRECTORY LISTING http://www.edu-cyberpg.com/Directory/ HOT LIST REGISTRY OF K12 SCHOOLS ONLINE http://www.edu-cyberpg.com/Schools/ <>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>