Hackers broke into the Web site of the Graduate School of Arts and Sciences this weekend and posted secure information to an online peer-to-peer network.
The user “kaboom73” uploaded the 125-megabyte file—which contained the site administrator’s secure user name and password, a back-up of the site’s server, site databases, and contact databases—to the torrent site Pirate Bay on Saturday.
At 8 p.m. yesterday evening, 30 “seeders” were distributing the files while 16 “leechers” were downloading them.
Likely in response to this breach, the GSAS site was shut down.
The Faculty of Arts and Sciences (FAS) Information Technology office could not be reached for comment.
The uploaded file was accompanied by a message from the site’s hacker stating that the information was released to expose the vulnerability of Harvard’s servers.
“Maybe you don’t like it but this is to demonstrate that persons like [the site administrator]...don’t know how to secure a web site,” the message read in broken English.
Thomas Gatton, FAS systems administrator and user support specialist, could not be reached for comment.
The weekend’s incident was described as “a major security breach” by the Web site Torrentfreak.com, which first reported the incident.
FAS servers were breached multiple times in the summer of 2003 in episodes that were traced to Brazilian hackers.
Hackers again broke into university Web sites in 2005, when they distributed secure admissions information from top business schools, including Harvard Business School. [SEE CORRECTION BELOW]
—Staff writer Abby D. Phillip can be reached at adphill@fas.harvard.edu.
CORRECTION
The Feb. 19 story, "Hackers Break Into GSAS Computer Network, Post Protected Content to Downloading Web Site," contained incorrect information about an incident at Harvard Business School in 2005. The article reported that the Business School's Web site was hacked and "secure admissions information" was distributed. In fact, the Web site in question was owned by ApplyYourself, an independent contractor hired by the Business School. Additionally, the site was not hacked—it had a glitch that allowed individuals to see their own admissions results in an unauthorized manner.
Read more in News
PfoHo Grill Cash, Food Stolen