[Dataloss] Update: Harvard student database hacked, posted on BitTorrent
B.K. DeLong
bkdelong at pobox.com
Thu Mar 13 19:11:39 UTC 2008
I'm up at SourceBoston right now with limited access - what are the
FERPA repercussions for this breach?
On Thu, Mar 13, 2008 at 2:58 PM, lyger <lyger at attrition.org> wrote:
>
> http://www.news.com/8301-10789_3-9893174-57.html?part=rss&subj=news&tag=2547-1_3-0-5
>
> Harvard says about 10,000 of last year's applicants may have had their
> personal information compromised. At least 6,600 Social Security numbers
> were exposed. Worse, a compressed 125 M-byte file containing the stolen
> student data is currently available via BitTorrent, a peer-to-peer
> network.
>
> [.]
>
> A BitTorrent file containing the stolen data includes a note that reads in
> part "maybe you don't like it but this is to demonstrate that persons like
> tgatton(admin of the server) in they don't know how to secure a website."
> The BitTorrent file consists of a server backup of the GSAS site with a
> full directory structure and three databases: joomla.slq, the main
> database; contacts.sql which is a database of contacts; and hgs.sql, a
> miscellaneous file.
>
> [...]
> _______________________________________________
> Dataloss Mailing List (dataloss at attrition.org)
> http://attrition.org/dataloss
>
> Tenable Network Security offers data leakage and compliance monitoring
> solutions for large and small networks. Scan your network and monitor your
> traffic to find the data needing protection before it leaks out!
> http://www.tenablesecurity.com/products/compliance.shtml
>
--
B.K. DeLong (K3GRN)
bkdelong at pobox.com
+1.617.797.8471
http://www.wkdelong.org Son.
http://www.ianetsec.com Work.
http://www.bostonredcross.org Volunteer.
http://www.carolingia.eastkingdom.org Service.
http://bkdelong.livejournal.com Play.
PGP Fingerprint:
38D4 D4D4 5819 8667 DFD5 A62D AF61 15FF 297D 67FE
FOAF:
http://foaf.brain-stream.org
More information about the Dataloss
mailing list