[WASC-WHID] WHID 2011-84:Hackers access personal info of Lancaster County students

WASC Web Hacking Incidents Database wasc-whid at lists.webappsec.org
Mon Apr 25 09:25:27 EDT 2011


*Entry Title: *WHID 2011-84:Hackers access personal info of Lancaster County
students
*WHID ID: *2011-84
*Date Occurred: *April 20, 2011
*Attack Method: *SQL Injection
*Application Weakness: *Improper Input Handling
*Outcome: *Leakage of Information
*Attacked Entity Field: *Education
*Attacked Entity Geography: *South Carolina
*Incident Description: *LANCASTER, S.C. -- The Lancaster County School
District says hackers may have stolen the personal information of 25,000
students in the district's database.
Schools officials are now trying to contact everyone who might have been
affected. Information stored in the database goes back 10 years.
*Mass Attack: *No
*Reference: *
http://www.wcnc.com/news/local/Personal-Information-of-Thousands-exposed-to-Internet-Hackers-120316064.html
*Attack Source Geography: *
*Number of Records: *25,000
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/wasc-whid_lists.webappsec.org/attachments/20110425/f0112f31/attachment-0003.html>


More information about the wasc-whid mailing list