US school network falls victim to child hacker

Powered by SC Magazine
 

Local authority races to upgrade its system security as the second teenager in five months breaches its network defences, copying 55,000 records

An American schoolchild has successfully hacked into an educational network and saved records of 55,000 people to a flash drive.

The 15 year-old Pennsylvania student breached security on the network, which belongs to the local education authority, and retrieved names, addresses and social security numbers.

Police said on Wednesday they had arrested the student, who could not be named because of their age, and charged them with four offences of unlawful duplication and theft.

The authority, Downington Area School District, said it thought the hack, which took place on 9 May, was motivated by wanting to gain access to the system for "irresponsible interest", rather than for criminal intent. Police believe the stolen data was passed by the hacker to just one schoolfriend.

The student has been sent home and had their computer and flash drive seized by police. They will later face the four charges in a juvenile court.

It's not the first time the authority has been hacked by a youngster. A 16 year-old successfully broke into its network in December last year before decrypting a file using password cracking software. Since then, students have managed to circumvent the authority's filtering software, Websense, in order to download games to school servers.

In a statement, the authority said it would tighten its security by segregating its central server from the rest of the network. It added that it would remove generic login permissions, which it had offered to members of the community attending school workshops. It also said it would review its logging and auditing procedures.

See original article on scmagazineus.com

Copyright © SC Magazine, US edition


 
 
 
Top Stories
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Telcos finally briefed on data retention details
Update: AGD offers list of data to be stored.
 
Qld Health hires short-term CIO, CTO
Ray Brown leaves after five years at IT helm.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  67%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  12%
 
Denial of service attacks
  7%
 
Insider threats
  12%
TOTAL VOTES: 561

Vote