BreachExchange mailing list archives

Hack of CESA 10 web portal reveals faculty passwords


From: Erica Absetz <erica () riskbasedsecurity com>
Date: Wed, 8 May 2013 13:12:39 -0400

http://www.weau.com/home/headlines/BREAKING-NEWS-Hack-of-CESA-10-web-portal-reveals-faculty-passwords-206531721.html

(WEAU) - A school district service agency says teachers’ passwords
were hacked and Tuesday night it's getting out the message to the
people affected.

CESA 10's administrator tells WEAU its old web portal where teachers
registered for classes was hacked, and it’s now using a new site that
is not affected.

CESA, which stands for Cooperative Education Service Agency, serves 29
school districts in our area.
It sent a statement to affected school personnel Tuesday evening. It
says the information that was hacked is old, but did include
passwords. While the information was old, CESA's note asks teachers to
change their passwords if they tend to use the same one for other
things in their daily life.

WEAU was able to locate the hacker's page, which appears to be from
Africa. It claims it has e-mails and phone numbers as well as
passwords for 8,000 people. WEAU is not listing the website’s address
out of respect to the teachers listed.

The CESA administrator plans to talk to us Wednesday about the situation.

-----------------------------------------------------------------------------------
Here's the notice sent to affected school personnel from CESA 10:

Today we learned that the "My CESA Portal," formerly used to track
teacher registrations for events at CESA 10 and other CESAs in
Wisconsin, was hacked recently and login data was posted on a public
site frequented by hackers.

The My CESA Portal service was hosted by University of
Wisconsin-Madison, Division of Information Technology and contains old
data. The passwords posted were used for the My CESA Portal, which is
no longer in service.

Nonetheless, since many people use the same password for different
services, we sent a notice out to all affected emails associated with
My CESA Portal that users should change their passwords for other
applications to prevent or reduce risk.

CESA 10 is currently using myQuickReg.com for event registration,
which is a service hosted by CESA 6 and not affected by this attack.
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list