Computerworld - Two former Fresno State students were charged last week by a federal grand jury with hacking into the university's computer network as part of a grade-changing scheme.
John Escalera, 29, of Fresno, Calif., and Gustavo Razo Jr., 28, of Pasadena, Calif., were charged with multiple counts of conspiracy, wire fraud, identity theft and unauthorized computer access, according to an indictment unsealed last Wednesday. The men face up to 20 years in prison and fines of up to $250,000 if convicted.
According to the indictment, Escalera worked at Fresno State's computer help desk and used his access to a PeopleSoft management system program to hack the password of a supervisor, then used that to obtain full administrative privileges. Armed with root rights, Escalera was able to access the usernames and passwords of several people authorized to change student grades, including the school's registrar and its academic records coordinator.
"Using this access, the defendant made grade changes from lower grades to higher grades for himself and later for his friend, Gustavo Razo Jr.," the indictment said. Several changes were made to both men's grades in the first half of 2004, but the discrepancies were not noticed until a routine audit uncovered them in January 2005.
Both Escalera and Razo pleaded not guilty last week, and were released pending a hearing Nov. 16.
In a memo that went out to all Fresno State faculty and staff last Thursday, the university's provost spelled out changes that had been made to prevent a repeat. Among them, said Jeri Echeverria, provost and vice president for academic affairs, included upgrading overall system security and creating an automated e-mail notification system that pings faculty when a grade change is posted to one of their students' transcripts.
"I would like to assure you that accurate maintenance of grade records is of utmost importance to all members of the university," said Echeverria in the Nov. 1 memo. "Proper measures have been taken to both rectify the situation and deal with the offenders."
Echeverria's memo indicated that Escalera and Razo were not the only students or ex-students involved in grade changes during the first six months of 2005. "A small number of students were found to have made unauthorized changes to their own grades and the grades of a few other students," Echeverria said. "Because some of the participants were found to have engaged in potential criminal violations, the discovery was referred to the Federal Bureau of Investigation and subsequently to the United States Attorney's Office for prosecution."
When asked today about the extent of the grade changing, university spokeswoman Shirley Armbruster declined to comment.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
