Hackers claim to steal 110,000 SSNs from Tenn. school system
Close to 9,000 SSNs belonging to students, employees publicly posted
Computerworld - A hitherto unknown hacking group claimed responsibility for a hacking attack on a county school system in Tennessee that may have exposed the names, Social Security numbers and other personal data belonging to about 110,000 people.
The group, which called itself Spex Security, later posted 14,500 of the compromised records online and has threatened to post more. Those affected by the breach include an unknown number of former and current students and employees of the Clarksville-Montgomery County School System (CMCSS).
In a message on Pastebin.com, an individual who appeared to be a member of the group suggested that the intrusion at CMCSS was carried out as retaliation for its "belligerence."
"To be clear here, we gave Tennessee a chance to comply and they didn't, therefore, this is the consequence they'll have to swallow," the rambling message stated.
"Our primary suspects include the U.S Government for torturous and deceptive acts on our own soil, the Educational system for exuberantly being blown over and belligerently not patching the holes in their system, and anybody else who partook a role in the Murder of America," the message said.
Elise Shelton, a CMCSS spokeswoman, said school system officials learned of the breach from the Clarksville Police Department, which received a tip from a caller.
The school system was able to confirm the breach on Monday and immediately took the site offline, she said. As of Wednesday afternoon, the main CMCSS.net site was still down, and there was no indication of when it will be restored, she said.
Investigators are still trying to determine what happened and it is not yet clear when the breach might have occurred or how it was done, Shelton said. It is also not immediately clear whether all the records that the hackers claimed to have accessed came from CMCSS, she said.
For the moment, the school system is assuming that records on an unknown number of its former and current employees and students have been breached. CMCSS has contacted all 4,000 or so of its current employees and roughly 31,400 enrolled students about the potential breach of their Social Security numbers and other personal data.
The real challenge is in notifying former employees and students, Shelton said. CMCSS is actively engaged with local news media to try and get the word out. About 8,000 of the affected students are "military-dependent" children from the U.S. Army's Fort Campbell, located on the state line between Tennessee and Kentucky. CMCSS authorities are working with the military to find a way to communicate details about the breach to military families whose children may have been affected, she said.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Cybercrime and Hacking White Papers | Webcasts