US school network falls victim to child hacker

Powered by SC Magazine
 

Local authority races to upgrade its system security as the second teenager in five months breaches its network defences, copying 55,000 records

An American schoolchild has successfully hacked into an educational network and saved records of 55,000 people to a flash drive.

The 15 year-old Pennsylvania student breached security on the network, which belongs to the local education authority, and retrieved names, addresses and social security numbers.

Police said on Wednesday they had arrested the student, who could not be named because of their age, and charged them with four offences of unlawful duplication and theft.

The authority, Downington Area School District, said it thought the hack, which took place on 9 May, was motivated by wanting to gain access to the system for "irresponsible interest", rather than for criminal intent. Police believe the stolen data was passed by the hacker to just one schoolfriend.

The student has been sent home and had their computer and flash drive seized by police. They will later face the four charges in a juvenile court.

It's not the first time the authority has been hacked by a youngster. A 16 year-old successfully broke into its network in December last year before decrypting a file using password cracking software. Since then, students have managed to circumvent the authority's filtering software, Websense, in order to download games to school servers.

In a statement, the authority said it would tighten its security by segregating its central server from the rest of the network. It added that it would remove generic login permissions, which it had offered to members of the community attending school workshops. It also said it would review its logging and auditing procedures.

See original article on scmagazineus.com

Copyright © SC Magazine, US edition


 
 
 
Top Stories
Earning the right to innovate
Breaking down the barriers to innovation is a long, but rewarding process, says Bank of Queensland Group CIO, Julie Bale.
 
A call for timely reporting
[Blog post] Businesses need incentives to keep customer data secure.
 
Doubts cast on Queensland's ICT Dashboard
Opposition, former Govt CIO say it can't be trusted.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  26%
 
Application integration concerns
  3%
 
Security and compliance concerns
  29%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  5%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 846

Vote