Manipulated login software aids an attacker in capturing more than 1,500 passwords at University of Michigan
Incident Date: April 25 1999
Incident Location: Ann Arbor MI USA
On April 25, 1999 an attacker broke into the authentication server at the University of Michigan using a stolen user account and password. Once on the system, the attacker installed software in order to capture other usernames and passwords. The attacker managed to collect 1,534 passwords during a 23 hour period on the system.
Once detected, University of Michigan staff notified users of the incident and encouraged them to change their passwords. Passwords were automatically changed on May 4, 1999 (9 days later) for any users who failed to change their passwords themselves.
The Federal Bureau of Investigations (FBI) was called in to investigate the incident. There was no information available on the outcome of their investigation.
Title: Hacker breaks into ITD login server
Author: Rebecca Doyle
Publication: The University Record
Publication Location: Ann Arbor MI USA
Publication URL: http://www.umich.edu/~urecord/9899/May10_99/5.htm
Do you have additional information to contribute regarding this story? If so, please email firstname.lastname@example.org with the details and source.