SMS
RSS feeds
Reddit
NewsvineJust before winter break, several students received an e-mail from Stanford Information Technology Systems and Services (ITSS), instructing them to change their SUNet passwords. According to the message, the University computer systems had been hacked into, and the hackers had obtained several user ID and password combinations.
ITSS became aware of the problem during the beginning of December and promptly alerted the affected students. The e-mail explained that there had been a security breech in Cardinal4, one of five machines used primarily to display e-mail. The hacker was able to manipulate the password encryption program of Cardinal4, known as the secure shell server (SSHD). After this was done, whenever students logged on to check their e-mail, the hacker could easily view the passwords they logged on with.
Many Stanford students, who admit they take the security of the University computer system for granted, said the fact that it is not completely hacker-proof is frightening.
“I guess I always assumed that Stanford’s computers were safe and secure,” said freshman Alex Laube. “Now that I know they’re not; I feel nervous about having so much private information on my SUNet account.”
Though only a few students’ identities were compromised in this specific case, it serves as a warning to all students that the consequences of identity theft can be devastating.
If someone gains access to a student’s online identity, he can “send spam, distribute illegal things, send e-mails that look as though the student sent them and gain access to personal information,” said Rich Holeton, head of Residential Computing.
Niran Babalola, the Otero resident computer coordinator, verified all of these dangers, though he said that theft of a SUNet ID is not quite as serious as the theft of online banking identities.
However, according to Babalola, there is a great deal of private information in Stanford’s accounts, and students should take reasonable measures to ensure their security.
Tips from Babalola included the following: choose passwords with random symbols, essentially anything not normal or logical; change passwords regularly, which can be done at stanfordyou.stanford.edu; and be wary of computers which you type your password into. Stanford computers are safe, but any public computers may be infected with viruses which record username and password combinations.
According to Holeton, online security is an issue of utmost importance to the University, and many services such as ITSS and Residential Computing work to keep the computer systems secure. In addition, each on-campus residential house is staffed with an RCC who helps students with all computer-related issues, such as printing and internet connection, and also advises students on how to keep their computers free of viruses.