4chan students hack district schools; Changed grades and $9,000 meals
Summary: 4chan hackers accessed a New Jersey school district's student data system, and changed grades and meal prices to $9,000, all in aid of a good laugh.
Students managed to gain access to their school data system and change their grades, after the username and password of the school data system was published on 4chan.
The username "admin" along with the password, now changed, "poopnugget", allowed students to access the data system in the New Jersey school district to change their grades and other district wide settings.
One user took advantage by changing the school lunch prices to $9,000 and another changed the grading system so it only took 1 credit to graduate.
One of the hackers also accessed the emergency notification system, designed to send out text messages to students, staff and parents.
It didn't take long before what is presumed someone with a moral conscience contacted the school or changed the password to prevent any further harm.
But with dozens of schools connected to the same system, havoc could have easily been wreaked across the entire district.
It wouldn't surprise me to find the day after being classified as a 'snow day'.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
RE: 4chan students hack district schools; Changed grades and $9,000 meals
RE: 4chan students hack district schools; Changed grades and $9,000 meals
RE: 4chan students hack district schools; Changed grades and $9,000 meals
RE: 4chan students hack district schools; Changed grades and $9,000 meals
RE: 4chan students hack district schools; Changed grades and $9,000 meals
RE: 4chan students hack district schools; Changed grades and $9,000 meals
That's just sad. That term has been watered down to be almost meaningless if that is the case.
RE: 4chan students hack district schools; Changed grades and $9,000 meals
http://www.wisegeek.com/what-is-computer-hacking.htm
According the the Geek.com technical dictionary:
"Cracker - This is the common term used to describe a malicious hacker. Crackers get into all kinds of mischief, including breaking or "cracking" copy protection on software programs, breaking into systems and causing harm, changing data, or stealing. Hackers regard crackers as a less educated group of individuals that cannot truly create their own work, and simply steal other people's work to cause mischief, or for personal gain."
"Hacker - This is someone that seeks to understand computer, phone or other systems strictly for the satisfaction of having that knowledge. Hackers wonder how things work, and have an incredible curiosity. Hackers will sometimes do questionable legal things, such as breaking into systems, but they generally will not cause harm once they break in. Contrast a hacker to the term cracker."
A hacker is a person who is proficient with computers and/or programming to an elite level where they know all of the in's and out's of a system. There is NO illegality involved with being a hacker.
A cracker is a hacker who uses their proficiency for personal gains outside of the law. EX: stealing data, changing bank accounts, distributing viruses etc.
What the hacker does with their knowledge of systems within the definition of the law is what defines them as a hacker vs a cracker. It's then safe to say that all crackers are hackers, but not all hackers are crackers. This is an important distinction.
The term cracker and hacker are used interchangeably (albeit incorrectly) largely due to the ignorance of the general populace, especially the media.
Note: There are comments associated with this question. See the discussion page to add to the conversation
RE: 4chan students hack district schools; Changed grades and $9,000 meals
RE: 4chan students hack district schools; Changed grades and $9,000 meals
Gaining knowledge of a password by social engineering and then accessing the computer would be hacking. Gaining knowledge of a password by having that first person (who did the social engineering) give it to you is NOT hacking. Social Engineering is one of the aspects of hacking.
RE: 4chan students hack district schools; Changed grades and $9,000 meals
Agreed
RE: 4chan students hack district schools; Changed grades and $9,000 meals
Remember this person changed the password from something else to poopnugget so I think this is a hack. Who hacked it is the question now.
These 3rd party school automation systems appear to be not that secure since this not the only hack that has occurred on these systems.
RE: 4chan students hack district schools; Changed grades and $9,000 meals
RE: 4chan students hack district schools; Changed grades and $9,000 meals
And that's what I'm saying. If I leave my password on a post-it, you log in as me, do something, then change my password, you're a hacker? It just doesn't seem right to classify someone who does that with the same people who discover and exploit SQL injections, buffer overflows, etc.
RE: 4chan students hack district schools; Changed grades and $9,000 meals
RE: 4chan students hack district schools; Changed grades and $9,000 meals
Nice...
RE: 4chan students hack district schools; Changed grades and $9,000 meals
I don't care who you blame it on - I'm not trying to justify anyone's behavior, just that it's the school district who end up living with the consequences. You've got locks on your doors, right? What about the fact that people simply shouldn't rob you? Why put effort into protecting yourself from someone else's behavior, when they should just be well behaved to begin with?
I can't control the behavior of criminals or naughty children. What I can do is evaluate and mitigate the risks I'm exposed to from those individuals. And when I have an opportunity to lessen a risk, and I choose not to, being able to blame the bad guy is a lot less comfort than never having had the problem to begin with.
Funding... or lack there of.
...There's not a lot of room to buy a fancy security system, or do all the training for a paradyme shift...
Oh, and remember... the bureaucrats have to obey the demands of the political masters, who generally are not aware of security implications.
RE: 4chan students hack district schools; Changed grades and $9,000 meals
RE: 4chan students hack district schools; Changed grades and $9,000 meals
Tom, can you point out where I said I approved of their actions? I apologize for not making my point with sufficient clarity for you to understand it, but your moral indignation is not going to clean up the giant mess on the school's network. All I'm trying to say is that if the network had been better protected, they would have avoided this whole thing.
Some people are in charge of security, and others are in charge of mayhem. The weaker the security, the better the opportunity for mayhem. Criminals commit crimes, and you and I are ill equipped to change that - hence the need to protect ourselves against it with, among other things, security devices.
I'm sure the people whose network is hosed are very comforted to know that you don't approve of those who did it. And when it happens again, they'll be good and mad that the bad guys didn't listen better and learn their lesson.