Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Hackers tap server at Cal State Hayward

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Hackers tap server at Cal State Hayward
Date: Fri, 24 Sep 2004 02:36:31 -0500 (CDT) 
http://www.trivalleyherald.com/Stories/0,1413,86~10671~2420984,00.html

By Ricci Graham
STAFF WRITER
September 23, 2004 

HAYWARD -- A computer hacker somehow gained access to the records of
about 2,000 Cal State Hayward students earlier this month, prompting
campus officials to send out letters warning students that their
personal information may have been compromised.

Kim Huggett, director of public affairs at Cal State Hayward, said on
Wednesday that officials have not determined how the hacker was able
to "briefly gain unauthorized access" to student records through one
of the campus servers.

The computer security breach was brought to the attention of the
university's Information Security Office on Sept. 7, Huggett said.

Cheryl Walton-Washington, the school's chief information security
coordinator, said the New York-based Office of Cyber Security and
Critical Infrastructure Coordination discovered that a campus Web page
had been defaced on or about Sept. 7. The cyber intruder had also
placed two unauthorized files on the server, she said.

Officials there in turn contacted the California State Office of
Information Privacy, which notified university administrators of the
computer breach, Walton-Washington said.

"I can't share with you what they saw, because the server had been
taken offline to begin the appropriate task of investigation,"  
Walton-Washington said.

Walton-Washington said her office has concluded its investigation,
although she concedes that it will be virtually impossible to
determine who the responsible party is.

"That is actually going to be terribly difficult," Walton-Washington
said. "We can't identify who. The most we have is a very benign Web
address, and it's not a person."

The university has taken a number of steps to put additional
fire-walls in place to prevent someone from hacking into the server
again, Walton-Washington said. Asked what they were, Walton-Washington
said: "Action has been taken, but I'd rather not go into detail to
encourage someone else. But we have taken steps to secure this
(server)."

Dick Metz, the school's vice president of administration and business,
said his office shipped an estimated 2,000 letters to students whose
personal information may have been accessed. Some of the potentially
compromised information includes names, Social Security numbers,
addresses and telephone numbers, Metz said.

"While there is no evidence that the intruder accessed any private
information, we are notifying every student who might be affected so
they can alert a credit reporting agency should they choose to do so,"  
Metz said.

In his letter to students, Metz issued an apology on behalf of the
university, saying, "We consider any breach of our computer security a
serious matter, so please accept our apologies."

Cal State Hayward is the latest campus to have its server illegally
tapped into.

Earlier this year, officials at Cal Poly, San Luis Obispo had to issue
a warning to about 700 students after an online break-in. The same
occurred at San Diego State, requiring officials there to notify more
than 178,00 current, former and prospective students.



_________________________________________
Donate online for the Ron Santo Walk to Cure Diabetes - 
http://www.c4i.org/ethan.html
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Hackers tap server at Cal State Hayward, InfoSec News <=
Previous by Date:  [ISN] Secunia Weekly Summary - Issue: 2004-39, InfoSec News
Next by Date:  [ISN] Hackers use Google to access photocopiers, InfoSec News
Previous by Thread:  [ISN] Secunia Weekly Summary - Issue: 2004-39, InfoSec News
Next by Thread:  [ISN] Hackers use Google to access photocopiers, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]