funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Youth expelled from Montreal college after finding "sloppy coding" that compromised security of 250, 000 students personal data

From: Rich Kulawiec <rsk () gsp org>
Date: Thu, 24 Jan 2013 12:46:42 -0500

Oh, this story just keeps getting better:

        http://o.canada.com/2013/01/22/dawson-student-expelled-while-college-website-remains-hacked-16-months-later/

Excerpt:

        This, despite the fact that a primary Dawson College public
        domain may remain compromised following a 2011 incursion by an
        unknown hacker named "iskorpitx". That hacker appears to have
        successfully uploaded a 'Shell' to the domain, leaving a public
        'f** file' alerting administrators of the site that a successful
        incursion had taken place.

        As of midnight Monday, the Dawson College server still returned
        the file using any web browser, despite credible Twitter alerts
        about the compromise to @mydawsoncollege earlier that evening
        from multiple sources.

Apparently the incompetent lying morons at Dawson College are far more
worried about a student who is arguably brighter than they are than they
are over exposing the information of their faculty/staff/students.

---rsk
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: