WebApp Sec mailing list archives

Web security breach changes the lives of 119 people

From: "Richard M. Smith" <rms () computerbytesman com>
Date: Tue, 8 Mar 2005 11:28:29 -0500

http://www.boston.com/business/articles/2005/03/08/harvard_rejects_119_accus
ed_of_hacking_1110274403?mode=PF

Harvard rejects 119 accused of hacking
Applicants' behavior 'unethical at best'
By Robert Weisman, Globe Staff  |  March 8, 2005

Harvard Business School will reject the 119 applicants who hacked into the
school's admissions site last week, the school's dean, Kim B. Clark, said
yesterday.

''This behavior is unethical at best -- a serious breach of trust that can
not be countered by rationalization," Clark said in a statement. ''Any
applicant found to have done so will not be admitted to this school."

A half dozen business schools were swamped by a wave of electronic
intrusions Wednesday morning, after a computer hacker posted instructions on
a BusinessWeek Online message board. Harvard is the second school to say
definitively that it will deny the applications of proven hackers. The first
was Carnegie Mellon's Tepper School of Business, where only one admission
file was targeted.

...

In most cases, applicants from around the world saw only blank screens when
they hacked into their files, but some Harvard applicants glimpsed
preliminary decisions about whether they would be admitted. Other business
schools said they had yet to post any information in their applicants'
files.

Some business school administrators have said they were being cautious in
their reaction because their software vendor, ApplyYourself Inc., can
identify which admissions files were targeted but not who tried to access
them. Theoretically, at least, a hacker might have been a spouse or parent
who had access to the password and personal identification numbers given to
a business school applicant.

Clark, who said Harvard was working with ApplyYourself to determine the
hackers' identifies, rejected that distinction. ''We expect our applicants
to be personally responsible for the access to the website, and for the
identification and passwords they received," he said.

Current thread:

Web security breach changes the lives of 119 people Richard M. Smith (Mar 09)
- Re: Web security breach changes the lives of 119 people christopher (Mar 09)
- Re: Web security breach changes the lives of 119 people Jason Coombs (Mar 09)
  - RE: Web security breach changes the lives of 119 people Kim Dyer (Mar 13)
- <Possible follow-ups>
- RE: Web security breach changes the lives of 119 people Altheide, Cory B. (IARC) (Mar 09)
- RE: Web security breach changes the lives of 119 people Griffiths, Ian (Mar 13)
- RE: Web security breach changes the lives of 119 people Bill Nichols (Mar 13)
- Re: Web security breach changes the lives of 119 people El C0chin0 (Mar 18)
  - Re: Web security breach changes the lives of 119 people Jeff Williams (Mar 20)
- RE: Web security breach changes the lives of 119 people roger . franks (Mar 18)
- Re: Web security breach changes the lives of 119 people ed . tracy (Mar 22)

(Thread continues...)