Who’s doing it and what’s being done to prevent itEditor's Note: In a developing and related story 160,000 University of California-Berkeley students and alumni have had their university records stolen by Hackers: (See below)
by Zack Martin, Editor, Avisian Publications
Hacking can mean many things. The image it conjures for most is that of a young man in a dark room lit by nothing more than the glow of a computer monitor, trying to break into some top-secret government system or steal credit card numbers.
On college campuses hacking can mean a number of different things and threats can come from students as well as outsiders. Hackers attack university databases and systems but they also are targeting the student ID card.
Several high-profile incidents have hit close to home with the campus card community, but securing cards isn’t enough. Universities need to secure payment and IT networks as well or risk data falling into the hands of hackers.
What happened at Harvard is just about a campus card director’s worst nightmare. In July 2008 a Harvard undergraduate student was caught making fake Harvard University ID cards. Not just any cards, but duplicate cards of those belonging to the University President Drew G. Faust, Assistant Dean of the College Paul J. McLoughlin II, and Dunster House Superintendent H. Joseph O’Connor, according to the Harvard Crimson.
The student was able to replicate the magnetic stripe on the back of the card and gain access to buildings and gates across campus with only knowledge of the individual’s university ID numbers and a $200 card reader purchased on eBay. He was also able to make purchases using the individual’s Crimson Cash accounts, which are used to pay for items on and off campus.
The hack was the impetus for Harvard to launch new IDs for the students, faculty and staff in the Faculty of Arts and Science. The university rolled out iClass contactless smart cards from HID Global for physical access to facilities. The new card has two magnetic stripes on the back that are used for payments and other functions, according to the Harvard Crimson.
Mag stripe has its uses
At George Washington University in Washington DC, Ken Pimentel’s biggest fear is someone copying the mag stripe on the card and using it to gain access to a dorm or somewhere else they should not go. “There’s nothing wrong with mag stripe at the point of sale,” says Pimentel, director of the university’s GWorld Card Program.
Continue Reading at CR80News.com
DATA THEFT -- U.S.
160,000 University Records Stolen
Hackers have stolen the personal information of 160,000 current and former University of California-Berkeley students, reports the San Jose Mercury News. Health center records from as far back as 1999 were breached over several months, exposing names, Social Security numbers, immunization histories and other information. Associate Vice Chancellor for Information Technology Shelton Waggener said the thieves got in through the university's Web site. "You should think of it as a public building," he said. "They got into the building properly, but then they broke into secure areas." One law student said: "We're all young people and we don't have a lot of credit established. That's really frightening..."
Full Story