Re: Hacker breaks into UT employee computer records

[Chris Walsh <cwalsh () cwalsh org>]

On Fri, Jul 07, 2006 at 03:11:33AM -0400, lyger wrote:
> A hacker broke into a University of Tennessee computer containing names, 
> addresses and Social Security numbers of about 36,000 past and present 
> employees.


I wonder how.

Here's some info from http://san2.dii.utk.edu/

"What is your NetID?
When you came to UT, you were given an email address; it looks something like smithrb () tennessee edu or maybe it 
looks like jonesj21 () utk edu. Either way, your NetID is the first part of your UT email address--in this example that 
would be smithrb and jonesj21.

So when you are asked to enter your NetID in the box above, we are asking you to type in the portion of your email 
address that comes before @utk.edu or @tennessee.edu.

What is your password?
You were also given a password that works with your NetID. The original one, also known as your default password, is a 
combination of your birth month, the last two digits of your birth year and the last four numbers of your Social 
Security number. If you were born in January of 1981 and your SSN is 123-00-4567, your default password is ja814567.
"
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/errata/dataloss/