14 DAY TRIAL // The official websites of universities and research institutions are known to be vulnerable and this story demonstrates this. Sepo, the hacker that’s known for finding flaws where you would least expect it, breached the sites of the Engineering Professors’ Council, the Department of Computer Science and Engineering at Oakland University, and Hiram College.
From the website of the Engineering Professors’ Council he didn’t leak much, but the administrator’s username and password are more than enough for someone to cause some serious damage.
“I told ya in the last post - Keep Your Data in Secure! You should expect me!” the hacker wrote on his blog.
The cse.secs subdomain of Oakland University also turned out to contain some serious security holes which allowed Sepo to leak the database’s structure, along with email addresses, phone numbers and password hashes apparently belonging to students.
“This is so funny! The CSE department have active research programs in software engineering, multi-core computing, networking, computer security and forensics, human-computer interaction, and data mining and intelligent information processing...' - No Comments!” he said.
“How can you secure someone's data if you can't secure your own data? Ask yourself!”
Hiram College, another victim of this series, is an institution where 1,200 students from 23 countries study. However, its reputation is not enough to guard its website against hackers.
To prove this, Sepo published information from a database called hiram, which contained names, job titles, ID numbers, email addresses, cities and states.
The last website targeted by the Eastern European hacker belongs to the Nigerian Society of International Law. Fortunately for the site’s administrators there was no damage caused, the only thing being published were some database table names.
For more information on Sepo and his personal and professional activities, you can check out the interview we’ve had with him part of our Hackers around the world series.