Stevens Institute of Technology hacked; user data dumped

Another hack by #AntiSec, this time the New Jersey-based Stevens Institute of Technology.

31 first and last names, usernames, passwords (plaintext!) and email addresses exposed on Pastebinon July 7.  And in many cases, the passwords are identical to the simple usernames.  Not good.

I emailed Stevens over the weekend to ask them about the breach but they have not responded by the time of this posting.  Nor do I see anything on their web site.  If these data are from their database, as they appear to be, I hope they have notified students and staff to change their passwords and to take other steps to protect themselves.  [Update: see comment by former student in the Comments section as to what he was told about the breach.]

h/t, The Hacker News.

 

About the author: Dissent

2 comments to “Stevens Institute of Technology hacked; user data dumped”

You can leave a reply or Trackback this post.
  1. Anton - July 18, 2011

    I am a former student of the university. When i reached out for a response this is what i got.

    I am the Chief Information Officer at Stevens. Stevens did experience a minor data
    breach in a data base on a web server with public information. The
    compromised data was reported as a password file but contained no actual
    passwords that could be used for authentication on any system or application
    at Stevens. Personal information was not accessed nor was any personal
    information capable of being accessed using any of the information that was
    obtained.

    • admin - July 18, 2011

      Thanks for providing that info!

Comments are closed.