I love stories like this!
Barrie Einarson
Investor Relations
bbruin@home.com
Crackers get into Stanford e-mail
Infiltrators gain access to 4,500 passwords, avoid detection for three weeks
REUTERS
PALO ALTO, Calif., Nov. 3 — Some 4,500 students and staff at Stanford University had their e-mail passwords stolen last month when crackers broke into the California school's security system and then managed to avoid detection for three weeks.
It was unclear whether the crackers had actually read individual e-mail messages.
IT WAS UNCLEAR WHETHER the crackers had actually read individual e-mail messages. School officials said Tuesday it appeared the intruders had broken into the system for other malicious purposes but did not say what their intentions might have been.
Even so, the information they gained provided them access to the contents of all the 4,500 e-mail accounts until Tuesday morning, when Stanford pulled the plug on the violated mailboxes and put tighter security measures in place.
Stephen Hanson, director of computer security for the school, said he did not know whether Chelsea Clinton, the daughter of President Clinton, was among those students whose e-mail had been affected. “My understanding is she has her own private e-mail account, with much different security features,” he said.
Still, it was a flaw in Stanford's computer security that allowed the crackers to gain access to so many accounts before they were discovered. The prestigious university, located near Palo Alto, Calif., recently added security features to its computer network but installed them improperly on a few machines and then never went back to fix them, Hanson said.
The intruders happened to enter the system on one of the computers that was especially vulnerable.
“It was bad luck for us,” Hanson said. “Good luck for the hackers.”
The crackers, believed to be working from Sweden and Canada, broke into the Stanford computer system on Oct. 11 with a data-stealing software program called a “sniffer,” which intercepts passwords as users are logging on.
Hanson said Stanford provides students with free software that prevents such break-ins, and those who had installed the software were not violated.
The school is now stepping up efforts to install the security software and has started running more frequent checks to prevent any future break-ins from going undetected for so long.
“We're doing what we should have been doing from the beginning,” Hanson said.
|
