Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Security breach leaves student data open

July 9, 2002 12:00 PM ET

Computerworld - A Web log generated by an online registration process opened a security breach over the weekend for a company that provides telephone service to students at about 70 small colleges nationwide.
The breach allowed outsiders to search for the names, Social Security numbers and addresses of about 2,000 students who registered with Resicom Corp. via its Web site, according to Resicom President Leidy Smith.
Smith said the Doylestown, Pa.-based company was told of the breach via e-mail and had fixed the problem by yesterday afternoon. In addition, all the colleges served by the company were notified of the problem.
Smith said that while the company is very concerned about the breach, the situation was mitigated by the fact that in order to access the information, a person needed to include a particular keystroke such as a pound symbol or a dollar sign between the first and last names to make a search work. He would not say what that key was.
Essentially, every time someone registered on the Web site, the Web logs noted that registration. Those logs were created as a text file, and it was that file that was searchable using the first and last name, along with the special keystroke.
Smith said the permission level to access the Web logs was set too low and has since been changed. He said he believes the access threshold was lowered accidentally during maintenance.
At no time was the company's main database containing more than 100,000 student accounts open or affected by the breach, Smith said. He added that the main database is behind a firewall and located at another site.






Jump to comments

Security

Additional Resources

Xerox
By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!
Microsoft
Save time and mitigate security risk. Deploy it now.
Sybase
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

White Papers & Webcasts

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.  

Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.

Why Email Must Operate 24/7 and How to Make This Happen
Learn how to avoid an email outage by implementing a hosted email continuity solution.  

Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...