BreachExchange mailing list archives
Re: Update: Harvard student database hacked, posted on BitTorrent
From: "B.K. DeLong" <bkdelong () pobox com>
Date: Thu, 13 Mar 2008 15:11:39 -0400
I'm up at SourceBoston right now with limited access - what are the FERPA repercussions for this breach? On Thu, Mar 13, 2008 at 2:58 PM, lyger <lyger () attrition org> wrote:
http://www.news.com/8301-10789_3-9893174-57.html?part=rss&subj=news&tag=2547-1_3-0-5 Harvard says about 10,000 of last year's applicants may have had their personal information compromised. At least 6,600 Social Security numbers were exposed. Worse, a compressed 125 M-byte file containing the stolen student data is currently available via BitTorrent, a peer-to-peer network. [.] A BitTorrent file containing the stolen data includes a note that reads in part "maybe you don't like it but this is to demonstrate that persons like tgatton(admin of the server) in they don't know how to secure a website." The BitTorrent file consists of a server backup of the GSAS site with a full directory structure and three databases: joomla.slq, the main database; contacts.sql which is a database of contacts; and hgs.sql, a miscellaneous file. [...] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
-- B.K. DeLong (K3GRN) bkdelong () pobox com +1.617.797.8471 http://www.wkdelong.org Son. http://www.ianetsec.com Work. http://www.bostonredcross.org Volunteer. http://www.carolingia.eastkingdom.org Service. http://bkdelong.livejournal.com Play. PGP Fingerprint: 38D4 D4D4 5819 8667 DFD5 A62D AF61 15FF 297D 67FE FOAF: http://foaf.brain-stream.org _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- Update: Harvard student database hacked, posted on BitTorrent lyger (Mar 13)
- Re: Update: Harvard student database hacked, posted on BitTorrent B.K. DeLong (Mar 13)
- Re: Update: Harvard student database hacked, posted on BitTorrent Stian Øvrevåge (Mar 13)