Educause Security Discussion mailing list archives
Re: Frustrated USC applicant pleads guilty to break-in
From: "Mark S. Bruhn" <mbruhn () INDIANA EDU>
Date: Tue, 12 Sep 2006 08:58:59 -0400
In any case, it seems USC made the right decision vis-à-vis that particular applicant... M. -- Mark S. Bruhn Associate Vice President for Telecommunications Executive Director, REN-ISAC (http://ren-isac.net) Indiana University
From: Dan Updegrove <updegrove () MAIL UTEXAS EDU> Reply-To: The EDUCAUSE Security Discussion Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> Date: Mon, 11 Sep 2006 12:07:44 -0400 To: <SECURITY () LISTSERV EDUCAUSE EDU> Conversation: [SECURITY] Frustrated USC applicant pleads guilty to break-in Subject: [SECURITY] Frustrated USC applicant pleads guilty to break-in Colleagues, Some institutions that experienced security breaches have been castigated for retaining records *online* of rejected applicants. Perhaps there's an rationale here for keeping them *offline,* in the event of a future break-in. And note anticipated sentence: six months home detention and $37,000 in restitution. Regards, Dan Man admits he hacked into USC's application system Tuesday, September 5, 2006 (09-05) 22:06 PDT Los Angeles (AP) -- A San Diego man was so upset that USC did not admit him as a student that he hacked into the school's application system and stole other would-be students' personal information, he admitted in court Tuesday. Eric McCarty, 24, pleaded guilty to a felony count of accessing a protected computer without authorization and was scheduled to be sentenced Dec. 4. Under terms of a plea bargain with prosecutors, he is expected to receive six months of home detention and pay nearly $37,000 in restitution. In June 2005, McCarty accessed Social Security numbers, names, addresses, dates of birth and applicants' passwords to the USC site, according to the government. Federal investigators found information on seven different people on McCarty's home computer, which they seized. After the break-in, McCarty created a new e-mail account using the sign-on "ihackedusc. Prosecutors said he used that account to send messages explaining what he had done to a reporter at the Web site securityfocus.com. The reporter contacted university officials. Authorities said McCarty also boasted and joked about his accomplishment on his blog. Among the messages found on his blog: "USC Got Hacked" and "so all the hot USC girls, I got your phone number, ladies." VP for IT The University of Texas at Austin FAC 248-U, Austin, TX 78713-7407 (512) 232-9610
Current thread:
- Frustrated USC applicant pleads guilty to break-in Dan Updegrove (Sep 11)
- <Possible follow-ups>
- Re: Frustrated USC applicant pleads guilty to break-in Mark S. Bruhn (Sep 12)
- Re: Frustrated USC applicant pleads guilty to break-in Joseph Clark (Sep 14)