NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Attrition Dataloss> 2008-03

Re: [Dataloss] Update: Harvard student database hacked, posted on BitTorrent

From: B.K. DeLong (bkdelongpobox.com)
Date: Thu Mar 13 2008 - 14:11:39 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I'm up at SourceBoston right now with limited access - what are the
FERPA repercussions for this breach?

On Thu, Mar 13, 2008 at 2:58 PM, lyger <lygerattrition.org> wrote:
>
> http://www.news.com/8301-10789_3-9893174-57.html?part=rss&subj=news&tag=2547-1_3-0-5
>
> Harvard says about 10,000 of last year's applicants may have had their
> personal information compromised. At least 6,600 Social Security numbers
> were exposed. Worse, a compressed 125 M-byte file containing the stolen
> student data is currently available via BitTorrent, a peer-to-peer
> network.
>
> [.]
>
> A BitTorrent file containing the stolen data includes a note that reads in
> part "maybe you don't like it but this is to demonstrate that persons like
> tgatton(admin of the server) in they don't know how to secure a website."
> The BitTorrent file consists of a server backup of the GSAS site with a
> full directory structure and three databases: joomla.slq, the main
> database; contacts.sql which is a database of contacts; and hgs.sql, a
> miscellaneous file.
>
> [...]
> _______________________________________________
> Dataloss Mailing List (datalossattrition.org)
> http://attrition.org/dataloss
>
> Tenable Network Security offers data leakage and compliance monitoring
> solutions for large and small networks. Scan your network and monitor your
> traffic to find the data needing protection before it leaks out!
> http://www.tenablesecurity.com/products/compliance.shtml
>

--
B.K. DeLong (K3GRN)
bkdelongpobox.com
+1.617.797.8471

http://www.wkdelong.org Son.
http://www.ianetsec.com Work.
http://www.bostonredcross.org Volunteer.
http://www.carolingia.eastkingdom.org Service.
http://bkdelong.livejournal.com Play.

PGP Fingerprint:
38D4 D4D4 5819 8667 DFD5 A62D AF61 15FF 297D 67FE

FOAF:
http://foaf.brain-stream.org
_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]