Monday, October 8, 2012

Security - 100 major universities were hacked


The collective known as GhostShell has claimed an outbreak on servers in 100 major universities worldwide among those obtaining Harvard, Stanford, the University of Pennsylvania and Michigan. A breach confirmed by many of the centers.

The hacker group hung on pastebin about 120,000 records from violated servers. A harmless  attack, according to the group the idea is to warn about the deficiencies in universityes worldwide.

A small portion of the published data showing what appear to be names, phone numbers, email addresses, logins credentials and other data from some of the servers. It appears that in some cases the security violation included multiple servers from the same university.


In the message that we can read on the Pastebin says that's showing only a small part of the data collected from the servers:

    We try to keep the information leaked to a minimum, so only about 120,000 accounts and records are here, leaving hundreds of thousands servers. When we got there, we realized that many of them have injected malware. It is no surprise, as some have stored credit card information.

The same Stanford has confirmed that two of their websites from different departments had been violated. Still,the university ensures that no sensitive data was compromised, confidential or personal information that would lead to identity theft. Also, ensure that the gap is discovered also the servers were tested and insured.

Another university violated is Michigan, confirmed that three of its servers had been hacked. A university spokesman claimed that although there was an unauthorized access, no sensitive data or passwords were compromised.

According to preliminary analysis of the researchers, hackers must have been operating for at least four months to get access to all sites and information. Attacks were carried out by SQL injection.

An action in which the group claims the improved safety of all those centers with hundreds of thousands of personal data.

0 Comments:

Post a Comment