Well, to answer my own question and if anyone is concerned, kids DO enter their SS# on the CA. Ugh.
I doubt the hacker got SS info. Probably it’s more an amateur has a list of who applied and their email addresses. If it was the CommonApp or FAFSA, millions would get an email. @homerdog
They have more than e-mail addresses; the e-mail has birthdays, names of the subject tests submitted, and the name of the interviewer. And they sent it from Grinnell’s e-mail account. Hamilton’s e-mail yesterday said SSNs are encrypted, so I’m hoping that’s true everywhere. I’m not SUPER concerned about this yet, but it is a little worrisome that there’s no word yet from Grinnell about what’s going on.
Wow, that’s pretty bad.
@kokotg agreed … our daughter’s email included her date of birth, which test she submitted and it came from this email address: admission at grinnell dot edu
This is a different level than just getting an email list
Yea even i got this mail with my address, date of birth followed by another mail which had all the test I had taken from their official mailing id.
I already deleted the emails but can someone check the email address they came from? I heard that Grinnell was actually misspelled in the email these came from so it’s not really from Grinnell dot edu.
I think it is pretty ironic that after promoting “HACKING AS SOCIAL JUSTICE” less than a month ago they get hacked (http://www.thesandb.com/article/hack-grinnell-college-promotes-hacking-as-social-justice.html) …does anyone have any updates?
@homerdog I still have the email and the address looks exactly the same
also does anyone know anyone who did it?..curious to see if they would actually send it
Grinnell just posted on FB that they are alerting the FBI. Told everyone to not respond to the email.
yea, it did include my b-day as well-- and also recognize that I am an international student (it is sent through the international admission office)
Seems like it must be someone pretty familiar with how college admissions works; they knew exactly what information people would want to see (in particular, they knew that teacher recommendations are the part of the submitted application that students wouldn’t have already seen). I’m still really surprised there’s been no direct information from Grinnell to prospective students…I know they posted on facebook and twitter (and the main page of the website), but the last e-mail anyone got from “Grinnell” is the one asking for money.
The thing about a post is you can roll it back. If they’re sending an email, they’re going to want to get the message right the first time. I’d think they’d want to send something short and to the point with more to follow, but it takes a while pull an accurate, useful, message together.
I got a message from the hacker, not an email, but on Reddit
did anyone buy? i am kind of curious if they actually got the whole file but not wanting to get involved enough to buy.
Guys no one has bought it
Saw this and wanted to give a technical/data perspective on this for people:
It looks like Slate, a technology service that many portals used, has configurable password reset options that range in the level of security. Hamilton/Grinnell seem to have had relaxed password reset settings that allowed a bad actor to get in and download the admissions data. Slate is claiming this is contained to just these schools.
As far as exposed data, it looks like things like CC/SSN should be encrypted/unavailable to access via the portal and likely not in possession of the hackers. I’d wait for confirmation on this, but I would not be concerned about that data at this point.
DOB, test scores, and any application info will almost certainly be in their possession. Financial aid info is likely safe, though any additional document submissions are worth checking in on.
It’s likely the emails were either sent via the Slate portal once access was gained via the password reset or the email merely looked official. I’d have to see the exact email myself to know for sure, but no email accounts are compromised of any students or for any future official emails from the schools.
So far no one has paid for their admissions file. You can check if that’s still the case by looking for transactions at the BTC address they gave in their emails which appears to be the same for all emails:
https://www.blockchain.com/btc/address/14ynXYJE8yC8PP2MS1E1A8eEnUnV53e5DH
I would not be surprised to see either school or Slate get sued over this exposure of test scores or teacher recommendations on FERPA grounds when all the dust settles.
Most of this is not official, just a summary of information I’ve seen posted online with reasonable technical assumptions. Wait for formal statements before acting on this information.
Thanks @PengsPhils At this point, I’m assuming that the hacker just thought he/she could make money by selling the data to students. I don’t like that the birthdays are out there or the essays, scores, etc. but I don’t know what they could really do with them.
My DD received this, and so did her friend. The kids thought it was funny. Now if they promised to share decisions ahead of time… considering Grinnell has probably got those ready to go (we figure decisions will likely come out a weke from tomorrow… 3/15)