Several thousand UMKC students must change passwords after hacker steals password file

Incident Date: January 11 2004
Incident Location: Kansas City MO USA

Students and staff at the University of Missouri Kansas City (UMKC) were told to change their passwords on January 12, 2004 after an attacker managed to download an encrypted password database containing around 17,000 accounts. The attacker targeted a Windows computer -- probably a domain controller -- that authenticated users accessing the UMKC Microsoft Exchange mail service.

Tom Brenneman, the UMKC interim director of information services said there was no evidence that any other files were tampered with. He also reported that UMKC was alerted to the breach by new security monitoring software running on the system.

While the passwords were encrypted, both open source and commercial software is freely available to perform password cracking. An attacker could have cracked low to medium strength passwords and gained unauthorized access to accounts within the reported four days it apparently took UMKC personnel to shut down the system and require password changes.

FBI investigators seized two university computers suspected of serving as entry points for the attacker. At the time of this report, no further update on the progress of the investigation was available.

Story Sources

Title: Hacker steals UMKC cyber secrets
Author: Paul Wenske, Gregory S. Reeves
Date: 1/14/2004
Publication: Kansas City Star
Publication Location: Kansas City MO USA
Publication URL:

Title: FBI looking at UMKC hacking incident
Author: Paul Wenske
Date: 1/30/2004
Publication: Kansas City Star
Publication Location: Kansas City MO USA

Do you have additional information to contribute regarding this story? If so, please email with the details and source.

<-- Back to Authentication Story Index

[Home] [About Us] [News] [Research]

Copyright © 2016