Harvard Was Hit!!

As far as I know from on-site experience and my close friends that work in the field, most universities have very secure networks, and breaking in from outside is almost impossible. Just think about the fact that students can be excellent hackers, but smart students capable of becoming hackers end up in a system administrator position for their university (obviously, depends on the university). Anyway, since Harvard is not just some university, finding out that Harvard was successfully attacked it came as a shock to me, as it happened with most people that are finding out about this, as we speak!


For now, all we know is what Harvard released to the public, as information about the incident, as their Monday statement says its database of applicants to the Graduate School of Arts and Sciences from last year was exposed, from those 10,000 applicants that could have had their personal information exposed, at least 6,600 having comprehensive profiles on file. What doesn that mean?

Basically, 6,600 sets of name, Social Security number, date of birth, mailing and email address, phone number, test scores and school records could be in the wrong hands, and some of these comprehensive sets of data even include intimate details such as personal health issues.

To make things even worse, a 125MB BitTorrent file containing a full backup of the GSAS site, including the databases, became available, and according to the hosts of the file, everything was done to prove that the server's admin at Harvard has no idea about efficiently secure a Web site.

All right, they proved this. So, what next? Breaking in some NASA servers? Hopefully not...