Harvard University hack could have been avoided 
(17/03/2008)
In February, hacker have attacked Harvard University servers, accessed the personal information of more than 10,000 graduate students and applicants to the Graduate School of Arts and Sciences and posted part of this confidential information on the Web.
Cyber-Ark commented that the Harvard University hack could have been avoided if the university had protected its student data. "The systems hack, which resulted in details of more than 10,000 graduate students and applicants being viewed by the hackers, is notable as the university is reputed to have some of the best security systems installed on an educational computer system in North America," said Calum Macleod, Cyber-Ark's European director.
"It seems that the hackers are hell-bent on embarrassing the university as, following their attack last month, they posted part of the information they downloaded on the students and applications to the Internet," he added.
According to Macleod, since the student and application's information includes social security numbers, the risk of identity theft if the hackers decide to pass on or use the downloaded data is very high.
"This hack has been an identity thief's paradise and the sad thing is that the whole affair could have been avoided if the university had taken a more secure approach to its sensitive information as it reportedly does to its network security," he said.
"Modern encryption software can be used to restrict access to only those people that need to view the data, as well as encrypting and similarly protecting the data to prevent information leaks like this. If the university had protected its data in this way, the hackers would never be able to even see the file, even they were internal IT ," he added.
Related topics: Data management and data security Encryption Hacking and intrusion prevention Network Security
Print version | 
Email to a friend | 
Related articles
Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.
Other Security news and resources
Security News
Suppliers Directory
Jobs forum
Classifieds
Knowledge base
White papers
Research library
Security books
Special reports
Security interviews
Security companies
Security events
Security links
Security market
Product channels
Access Control Biometrics CCTV Intruder Alarms IT Security Manned Guarding Perimeter Protection Physical Security Remote Monitoring Security Services Fire, Health & Safety Other Security Products
IT Security white papers and research library
Access Control Authentication Data Management Data Security Digital Signatures Email Security Identity Management Internet Security Intrusion Prevention Network Security Remote access security Security Management Security Policies Security Software Security Threats Virus Detection Software Virus Protection VPN Vulnerability Assessment Wireless Security
Security books, guides, standards and toolkits
RFID and Smart Cards books, guides and reference documents Biometric books, guides and reference documents CCTV books, guides and reference documents Intruder alarms and intrusion detection systems books, guides and reference documents Monitoring and surveillance books, guides and reference documents IT Governance, ISO 27001 ISO 17799 and BS 7799 toolkits Fire, Health & Safety books, guides and reference documents
