Duke Law School’s Website Hacked

A cyber terrorist who hacked into the school's site may have stolen the Social Security numbers of almost 1,400 future Duke Law School pupils, officials alleged on December 4, 2007. The details in the application database contained the candidate's e-mail addresses and user-created passcodes.

On December 5, 2007, the school announced that the applicants whose database was infected were being informed about the matter through e-mail and general mails, as reported on December 6, 2007 by COMPUTERWORLD.

Duke Law School's Associate Dean of Admissions, William J. Hoye, in an e-mail on December 4, 2007 revealed that the college does not have any proof that the hackers had downloaded or accessed any such data. However, it is fully known that the hackers do have the chance and tools to access the database.

As per school officials, illegal links started surfacing on the website close to 3:30 p.m. on Nov. 29, 2007, and shortly, the site was taken offline. Webmasters had moved the illegal links and restored the website by the morning of November 30, 2007.

Prolonged investigation found that a couple of databases - one for pupils who had asked for data about the law school and the other for pupils who had put in their applications - were open for cyber-terrorists to view.

Melinda Vaughn, the spokesperson of the school, stated in a statement reported by The News & Observer on December 4, 2007 that the private data of two existing students is perhaps accessed in this attack. According to her, these two are amongst the potential students who had created passwords to confirm the position of their applications.

Vaughn said in another statement reported on December 6, 2007 by COMPUTERWORLD that a probe into the hackings is ongoing. Up to now, she noted, researchers have discovered that the hackers have evidently infiltrated the databases by means of third-party applicants to the site. Vaughn reiterated that though the school is aware of them, but do not wish to divulge any details till the probe ends.

Vaughn added that the pilfered Social Security numbers in first database are password secured. She claimed that her school wanted to know precisely what has happened before going public with it and that they have planned to post their conclusions on their website once the probe is over.

Related article: Dixie College Suffers Data Hack

» SPAMfighter News - 12/22/2007