RESPONSE : HARVARD SITE HACKED !

Written by enigmax on February 18, 2008 on http://torrentfreak.com/author/enigmax/

The Harvard Graduate School of Arts and Sciences website appears to have been the subject of a major security breach, as server backups, site databases and contact databases are leaked to BitTorrent. The 125MB file is currently being tracked by The Pirate Bay.

Early reports indicate that a Harvard University website has become the victim of a major security breach. A torrent currently tracked by The Pirate Bay which links to a 125mb .zip file, claims to be the backup from the Harvard Graduate School of Arts and Sciences website.

The backup -seeded from a Harvard IP address (and others)- carries many files, passwords and what appears to be a full directory structure for the site. Three other major database files are mentioned specifically, details as follows:

1. joomla.sql - claims to be the database for the Harvard site

2. contacts.sql - claims to be a database of contacts

3. hgs.sql - stated as ‘other minor thing’

The .NFO file included with the release says in broken English: “Maybe you don’t like it but this is to demonstrate that persons like tgatton(admin of the server) in they don’t know how to secure a website.”

A file included with the release labeled password.txt carries a message:

Thomas gatton….stupid people, you don’t use a secure password

username: Password:

tgatton *removed by TF*

jmartinez *removed by TF*

This appears to be a reference to Thomas Gatton, Systems Administrator and User Support Specialist at Harvard.

This is not the first time Harvard has been hacked. In 2005, a man using the name ‘Brookbond’ helped applicants to several universities get access to admissions records on their websites, an action described by the school as a “serious breach of trust”.

These files certainly appear to be ‘the real deal’. More on this breaking news story as we get it.

Update: The website in question seems to be down now. They are most likely trying to fix the security breach.

Attention : This is just personal response :

After autOnuX crosscheck it in to http://thepiratebay.org/
that hacked file still appear in thepiratebay
Admin yang sangat ceroboh :)

Selanjutnya terserah anda responnya :)


regards

autOnuX

0 komentar: