Information Security News mailing list archives
Crackers steal 52,000 university passwords
From: InfoSec News <isn () c4i org>
Date: Mon, 18 Nov 2002 07:27:00 -0600 (CST)
Forwarded from: Frode E. Nyboe <frodeen () eunet no> http://www.aftenposten.no/english/local/article.jhtml?articleID=437439 Jonathan Tisdall 15 November 2002 The University of Oslo had to change the passwords of 52,000 users and reinstall software on dozens of computers after crackers managed to infiltrate the network and extract the institution's central password file. The unknown computer vandals have had access to all of the usernames and passwords at the university for several weeks. In addition, the crackers (destructive computer experts, as opposed to hackers), have used university servers to store huge amounts of pirated software programs and films, VG Nett reports. "Hackers broke into the database which handles the information system for our switchboard. There they installed a password sniffer that located the password to someone in operations. With his password they accessed other machines and from there they pulled out the university's central password file," said Oslo University IT director Arne Laukholm. Laukholm said the university was not aware that an SQL-database automatically installs with a Windows 2000 server. This led to the switchboard database not being properly upgraded with security patches. - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- Crackers steal 52,000 university passwords InfoSec News (Nov 18)
- <Possible follow-ups>
- RE: Crackers steal 52,000 university passwords InfoSec News (Nov 19)