Early reports indicate that a Harvard University website has become the victim of a major security breach. A torrent currently tracked by The Pirate Bay which links to a 125mb .zip file, claims to be the backup from the Harvard Graduate School of Arts and Sciences website.
The backup -seeded from a Harvard IP address (and others)- carries many files, passwords and what appears to be a full directory structure for the site. Three other major database files are mentioned specifically, details as follows:
1. joomla.sql – claims to be the database for the Harvard site
2. contacts.sql – claims to be a database of contacts
3. hgs.sql – stated as ‘other minor thing’
The .NFO file included with the release says in broken English: “Maybe you don’t like it but this is to demonstrate that persons like tgatton(admin of the server) in they don’t know how to secure a website.”
A file included with the release labeled password.txt carries a message:
Thomas gatton….stupid people, you don’t use a secure password
tgatton *removed by TF*
jmartinez *removed by TF*
This appears to be a reference to Thomas Gatton, Systems Administrator and User Support Specialist at Harvard.
This is not the first time Harvard has been hacked. In 2005, a man using the name ‘Brookbond’ helped applicants to several universities get access to admissions records on their websites, an action described by the school as a “serious breach of trust”.
These files certainly appear to be ‘the real deal’. More on this breaking news story as we get it.
Update: The website in question seems to be down now. They are most likely trying to fix the security breach.