Pages Menu
Categories Menu

Posted by on Oct 5, 2012 in Internet, Security |

Hacked systems 100 major universities

Hacked systems 100 major universities

The collective known as GhostShell has claimed breaking into servers 100 major universities worldwide among those obtaining Harvard, Stanford, the University of Pennsylvania or Michigan. A breach confirmed by many of the centers.

The hacker group hung on pastebin of presenting the information gathered about 120,000 records violated servers. An attack harmless, since according to the group the idea is to warn about the deficiencies in schools worldwide.

From Computerworld has analyzed a small portion of the published data showing what appear to be names, phone numbers, email addresses, logins credentials and other data from some of the servers. It appears that in some cases the violation included multiple servers from the same university.

In the message that we can read on the bus says Pastebin showing only a small part of the data collected from the servers:

We try to keep the information leaked to a minimum, so only about 120,000 accounts and records are here, leaving hundreds of thousands servers more. When we got there, we realized that many of them have injected malware. It is no surprise, as some have stored credit card information.

The same Stanford has confirmed that two of their websites from different departments had been violated. Still, from the university ensures that no sensitive data was compromised confidential or personal information that would lead to identity theft. Also, ensure that the gap once discovered servers were tested and insured.

Another university violated the Michigan, confirmed that three of its servers had been hacked. A university spokesman claimed that although there was an unauthorized access, no sensitive data or passwords were compromised.

According to preliminary analysis of researchers, hackers must have been operating for at least four months to get access to all sites and information. Attacks were carried out by SQL injection.

An action in which the group claims the improved safety of all those centers with hundreds of thousands of personal data.

Tags: ,