Thursday, February 25, 2016

Cornell University looks the other way

As part of a new initiative to notify users of leaked credentials Jigsaw Security a member of SLC Security notified Cornell of a security issue. The response from Tom McMahon was interesting.

Quote:
"Stop scaring our users."

The interesting thing is that Cornell has been hacked numerous times as evidenced by the following: 
http://www.databreaches.net/u-of-hawaii-and-cornell-university-hacked-by-marxistattorney/ 
http://pastebin.com/GRTDZ6Ns
http://timesofindia.indiatimes.com/tech/it-services/Indian-student-in-Cornell-University-hacks-into-ICSE-ISC-database/articleshow/20450666.cms

We could go on and on but we can certainly understand their reluctance to respond to notifications. Hopefully the end users are more concerned about these disclosures than the administration. 

No comments:

Post a Comment