http://www.stltoday.com/stltoday/news/stories.nsf/News/Metro+East/A3F75AB9CA0230BB86256EEE0012DF3B?OpenDocument&Headline=Hackers+download+SIUE+data,+police+say By Trisha Howard Of the Post-Dispatch 08/11/2004 The names and passport information of more than 500 foreign students at Southern Illinois University Edwardsville was illegally downloaded last week by a fellow student at the school, according to a search warrant filed Wednesday by university police. Greg Conroy, an SIUE spokesman, said Wednesday that three students had been questioned Friday after university officials discovered the security breach. Conroy said he expected the university to seek criminal charges in the case. The search warrant, filed in Madison County Circuit Court, said that the hacker downloaded the information from a special database set up to comply with provisions of the federal Patriot Act. The data included names, dates of birth, Social Security numbers and visa information, Sgt. Marty Tieman of the SIUE Police Department said in his affidavit. Conroy said that employees in the university's Office of Information Technology found out about the breach on Friday while doing their daily check of activity logs. The log showed that someone had downloaded the information early that morning. Computer experts then tracked the computer to one of three students who share an apartment at Cougar Village, Conroy said. On Friday afternoon, police seized three computers from the apartment and questioned the three students, Conroy said. Tieman said in his affidavit that police were greeted at the door by one of the three students, who admitted that he had seen his roommate access the server and download the information. Conroy said that officials had not yet determined a motive. "For all I know, these students could have been doing this as a prank," Conroy said. "At this point, I don't know what they wanted to do with the information." Conroy said investigators from a Metro East law enforcement computer task force were examining all three computers for evidence. He emphasized that the system does not allow hackers to change vital information. But he said that the breach was possible because an employee had failed to disable a feature that gives people access to the system without a password. "The students were scanning the system, they found the flaw, and they started downloading files," Conroy said. "It's an unfortunate mistake, but it happened." _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/ --- end forwarded text -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'