Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Security breach leaves student data open

July 9, 2002 12:00 PM ET

Computerworld - A Web log generated by an online registration process opened a security breach over the weekend for a company that provides telephone service to students at about 70 small colleges nationwide.
The breach allowed outsiders to search for the names, Social Security numbers and addresses of about 2,000 students who registered with Resicom Corp. via its Web site, according to Resicom President Leidy Smith.
Smith said the Doylestown, Pa.-based company was told of the breach via e-mail and had fixed the problem by yesterday afternoon. In addition, all the colleges served by the company were notified of the problem.
Smith said that while the company is very concerned about the breach, the situation was mitigated by the fact that in order to access the information, a person needed to include a particular keystroke such as a pound symbol or a dollar sign between the first and last names to make a search work. He would not say what that key was.
Essentially, every time someone registered on the Web site, the Web logs noted that registration. Those logs were created as a text file, and it was that file that was searchable using the first and last name, along with the special keystroke.
Smith said the permission level to access the Web logs was set too low and has since been changed. He said he believes the access threshold was lowered accidentally during maintenance.
At no time was the company's main database containing more than 100,000 student accounts open or affected by the breach, Smith said. He added that the main database is behind a firewall and located at another site.






Jump to comments

Security

Additional Resources

WHITE PAPER
Approximately 60 percent of data migration projects overrun time or budget, while some fail completely. Download this white paper, "Enhancing Your Chance for Successful Data Migration," to learn the critical steps you need to take to execute a data migration project with minimum cost and risk to your business.
WHITE PAPER
Read the Gartner research note to learn why the TCO of a server-based computing deployment used to deliver all applications to users is around 50% lower than that of an unmanaged desktop deployment.
WHITE PAPER
Economic downturns have a tendency to accelerate emerging technologies, boost the adoption of effective solutions, and punish solutions that are not cost competitive or that are out of synch with industry trends. This IDC White Paper presents the results of an IDC survey of 330 companies in Western Europe, Asia/Pacific and the Americas that measures the receptiveness to Linux and takes into consideration changing views driven by the disruptive economic environment that businesses face today.

White Papers & Webcasts

Share our Strength
Download Now  

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.

Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...