Harvard rejects business-school applicants who hacked site
It knows the names of the 119 applicants
Computerworld - Harvard Business School said it will reject the applications of the 119 applicants who hacked into the school's admissions Web site last week.
"I would like to have the last word on Harvard Business School's policy regarding applicants who hacked into the ApplyYourself, Inc., Web site containing confidential admissions information," Kim Clark, dean of the business school, said in an e-mail statement. "This behavior is unethical, at best -- a serious breach of trust that cannot be countered by rationalization. Any applicant found to have done so will not be admitted to this school."
Harvard has already said it knows the names of the 119 applicants.
Last week, a computer hacker helped applicants to several of the nation's best business colleges and universities gain access to internal admissions records on the schools' Web sites (see story).
Using the screen name "brookbond," the hacker broke into the online application and decision system of Fairfax, Va.-based ApplyYourself Inc. and posted instructions on the Internet that students could use to get information about their applications before any acceptance notices ever went out.
About 400 colleges and universities use the admissions management system, hosted and managed by ApplyYourself, to handle their admissions workflows. But only about a half-dozen schools use the decision management module, which allows individuals to determine if they have been accepted to a particular school.
The affected schools included Harvard, MIT's Sloan School of Management and business schools at Dartmouth College, Duke University and Stanford University.
A spokeswoman at the Stanford Graduate School of Business said 41 applicants tried to gain access to that school's admission information, but they were met with blank screens because no decisions had yet been posted. Stanford isn't saying what action it will take against those applicants.
"Business schools teach students to make decisions and to be accountable for those decisions," Derrick Bolton, the assistant dean and director of MBA admissions at Stanford, said in an e-mail statement. "We hope that the applicants who accessed their accounts might contact us to explain their behavior and to take ownership for their actions. We will take appropriate steps in the cases that warrant further scrutiny."
Like Harvard, the MIT Sloan School of Management is denying the applications of the 32 students who tried to hack into the school's admissions Web site. MIT said it does not post the information until after all admissions decisions are made and released, so no one who sought unauthorized access to his or her account gained access to any information.
"Honesty and integrity are critical character attributes for students at the MIT Sloan
- Step Out of the Bull's-Eye Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Is SQL Server AlwaysOn really as powerful? Tips and Tricks from the field With the introduction of AlwaysOn, Windows Clustering Services is now more critical than ever. All Cybercrime and Hacking White Papers | Webcasts