Jump to content

Recommended Posts

Posted

Harvard Web site hacked, database on file-sharing site

by Jeremy Kirk

Feb 18, 2008 10:01 am

One of Harvard University's Web sites appeared on Monday to have been hacked, with its contents appearing on the BitTorrent file-sharing network.

A compressed 125 M-byte file claiming to be the database for the Web site of Harvard's Graduate School of Arts and Sciences is available via the BitTorrent P-to-P (peer to peer) network. The file is listed on The Pirate Bay, a Web site that indexes torrents, or small information files that coordinate the download of content from other users on BitTorrent.

The Web site for the Graduate School of Arts and Sciences was offline on Monday.

A note attached to the torrent claimed the file contained a backup of the site -- including some contacts files and other files associated with Joomla, an open-source content management system -- along with other various bits. It appears to be legitimate.

The note's writer claims the stunt is intended to demonstrate the insecurity of Harvard's server. The writer also exposed what purport to be usernames and passwords belonging to two of the site's system administrators.

"Stupid people, you don't use a secure password," read a note preceding the sensitive information.

As of Monday afternoon, the compromised file was being distributed by 11 users -- known in file-sharing terminology as "seeders" -- and was being downloaded by nine "leechers," or those downloading the files.

Harvard's media office was closed on Monday due to a national U.S. holiday.

http://www.macworld.com/article/132143/ ... rvard.html

Posted

What's really disturbing is that a quick Google search turns up the hacked file only about 3 results from the top.

And the Boston Globe hasn't said a word - I hope they're working on a story. I want to know what Harvard has to say for themselves!

Posted

What kind of information is on there? I checked my credit card account, and no new charges but I am worried about my other information. I am half-tempted to download the file to check to see how much information about me, if any, is on there. Now I wish I hadn't applied to Harvard.... I probably won't go there even if accepted and now my information has possibly been hacked.

Posted

Does anyone know whether this will have any effect on the admissions process (e.g. slowing down their ability to process and send letters)? I'm not so much worried about the security leak as the delays that could be incurred if they're taking servers offline.

Selfish, I know...

Posted

I just now got an email from Harvard grad admissions. They said that "no confidential or personally identifiable data was compromised" and that the only compromised data included the "Graduate School's website files" which did NOT contain information about its students or applicants.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

This website uses cookies to ensure you get the best experience on our website. See our Privacy Policy and Terms of Use