1. Home
  2. Higher Education Cyber Attacks History in US
  3. 2007 First cyber attack on Campus Solutions system (PeopleSoft incident)

2007 First cyber attack on Campus Solutions system (PeopleSoft incident)

13 Apr
13Apr

In the sphere of education, as well as in other spheres, various business applications serve to simplify business processes supervision. For instance, ERP-type systems are common in the field of Manufacturing and SIS (student information systems) are widely spread in the educational sphere. What is more, every industry has its typical systems, such as HR and CRM. These are business applications that store and process the most critical data. Consequently, no wonder that malefactors are likely to pay attention to them at some point. 

2007 was noteworthy as one of the attacks on PeopleSoft systems gained super popularity in media. In August 2007, aiming to modify grades, Christopher Jacquette, 29, from Florida, together with Lawrence Secrease and Marcus Barrington, used keylogging software on university computers to get the passwords necessary for logging into the PeopleSoft system at Florida A&M University. University staff members learned about the incident quite soon as the audit revealed the foreign software, so the altered grades were identified. The university might have been done with that, however, the hacking attempt of the trio repeated once again. This time, Jaquette also accepted US$1200 from two students for changing their residency status to ‘in-state’. The staff quickly disclosed the incident and finally Jacquette was sentenced to 22 months imprisonment and three years of supervised release. Overall, the data of 90 students was modified by about 650 grade-changes.

However, this year became infamous also due to several other Higher Education cyber attacks where hackers stole critical data. In an attack on the system of the University of North Carolina, a hacker accessed the personal data of 236,000 women that was used in a Chapel Hill research study. Social Security numbers of 163,000 participants were among the compromised records. The records formed part of the Carolina Mammography Registry, a project that compiled and analyzed mammography data. The incident was discovered only two years later, in 2009. The researcher was accused of acting negligently, but the attorney claimed there was no evidence of violating or ignoring rules in using the data. Finally, the researcher agreed to retire at the end of 2011 and was given the full rank and salary until that time.

I BUILT MY SITE FOR FREE USING