Manipulated login software aids an attacker in capturing more than 1,500 passwords at University of Michigan
Incident Date: April 25 1999 Incident Location: Ann Arbor MI USA On April 25, 1999 an attacker broke into the authentication server at the University of Michigan using a stolen user account and password. Once on the system, the attacker installed software in order to capture other usernames and passwords. The attacker managed to collect 1,534 passwords during a 23 hour period on the system. Once detected, University of Michigan staff notified users of the incident and encouraged them to change their passwords. Passwords were automatically changed on May 4, 1999 (9 days later) for any users who failed to change their passwords themselves. The Federal Bureau of Investigations (FBI) was called in to investigate the incident. There was no information available on the outcome of their investigation. Story Sources Title: Hacker breaks into ITD login server Author: Rebecca Doyle Date: 5/10/1999 Publication: The University Record Publication Location: Ann Arbor MI USA Publication URL: http://www.umich.edu/~urecord/9899/May10_99/5.htm Do you have additional information to contribute regarding this story? If so, please email siteupdates@passwordresearch.com with the details and source.
<-- Back to Authentication Story Index |