Cyber-Ark, the company data security specialist, says that the Harvard University hack, details of which have emerged in the US over the weekend, could have been avoided if the university had protected its student data.
The systems hack, which resulted in details of more than 10,000 graduate students and applicants being viewed by the hackers, is notable as the university is reputed to have some of the best security systems installed on an educational computer system in North
America, said Calum Macleod, Cyber-Ark's European director.
It seems that the hackers are hell-bent on embarrassing the university as, following their attack last month, they posted part of the information they downloaded on the students and applications to the Internet, he added.
According to Macleod, since the student and application's information includes social security numbers, the risk of identity theft if the hackers decide to pass on or use the downloaded data is very high.
This hack has been an identity thief's paradise and the sad thing is that the whole affair could have been avoided if the university had taken a more secure approach to its sensitive information as it reportedly does to its network security, he said.
Modern encryption software can be used to restrict access to only those people that need to view the data, as well as encrypting and similarly protecting the data to prevent information leaks like this. If the university had protected its data in this way, the hackers would never be able to even see the file, even they were internal IT , he added.
For more on the Harvard University database hack: tinyurl.com/3xf3py
Cyber-Ark says Harvard hacking attack fallout could have been avoided
Cyber-Ark says that the Harvard University hack, details of which have emerged in the US over the weekend, could have been avoided if the university had protected its student data.
