Hackers get into Wickliffe computer

December 16, 2006

By Mark Tuscano


Wickliffe Mayor Thomas W. Ruffner announced Friday that hackers had breached security in one of the city's three computer servers, which held personal information on some city employees. The breach was discovered by Building Commissioner Ray Sack, who brought it to the attention of Ruffner and city police.

Detective Sgt. Joe Matteo said a malicious virus had gotten through at least two layers of security and into the system, where information on 125 city employees was stored.

No information on city residents was stored in the server or compromised, Ruffner said. Those affected included service department and part-time personnel whose names and Social Security numbers were in the system.

Employees affected by the breach will be notified today in a letter from the mayor advising them of potential problems involving identity or credit theft, although no reports of either had been reported as of Friday.

The city has since replaced the affected server and six associated computer stations. Police Chief James Fox and the detective's bureau conducted a forensic analysis of the infected system, but attacks of this type are often generated from locations in Europe or Asia, so the sources are difficult to impossible to prosecute, Fox said.

The city spent about $25,000 replacing the server hardware and software, Ruffner said.

The systems that were replaced were at least 3 years old, but the city's other two servers are newer. The upgraded system will now use the same operating system as the other two and virus protection in each has been updated.

Matteo said the virus got through the affected system by first preventing an upgrade to the system's virus protection program, leaving it vulnerable to the malicious software. His bureau was notified of the breach Oct. 25 and immediately initiated an investigation.

"Windows-based systems are almost daily issued a patch to prevent new bugs from hackers," he said.

"If they can get into the Pentagon, they can get into anything."

In his letter to employees, Ruffner said the breach was intentionally introduced into the system and warned of a potential problem involving identity theft.

"We recommend that you place a fraud alert on your credit file," Ruffner wrote.

"A fraud alert tells creditors to contact you before they open any new accounts or change your existing accounts."

Wickliffe Police Chief Fox said he hasn't heard of any cases yet where information stolen from databases as expansive as the Veteran's Administration or UCLA has been used in identity theft, but there's no guarantee it won't be.

Fox and Matteo recommend people do not open suspicious attachments and use one of the many Web based e-mail services in which the recipient views mail stored on the server rather than in their personal computer.

They also recommended PC users check for Microsoft and antivirus program upgrades frequently.

main page ATTRITION feedback