RIT Information Security Advisory: Published Accounts of Hacker Breaching RIT

A Russian-speaking hacker provided a list to an online publication claiming that he had breached 63 different agencies and institutions. RIT was one of the institutions on the list.

The term “breach” is a bit of a misnomer. The attacker found what’s known as a SQL injection vulnerability in one student website hosted on people.rit.edu. A SQL injection vulnerability typically occurs when someone is able to enter unexpected data (such as commands) into a login field, gaining access to portions of the database to which they shouldn’t have access.

What RIT is Doing

RIT is remediating and verifying that there are no other instances of this vulnerability in the RIT web environment.

What You Need to Do

If you have created a website on people.rit.edu (or anywhere else):

  • Ensure that you are keeping all components of that website, such as WordPress plugins, up to date. Hackers exploit published vulnerabilities. Keeping everything up to date greatly reduces the possibility of having a website hacked.
  • Review the RIT Information Security Web Standard at https://www.rit.edu/security/content/web-security-standard and the associated web compliance checklist. Following the practices in the standard will help you create a policy-compliant website that will resist attacks.
  • For specific information about this type of attack and how to secure your website against it by filtering client input, please visit https://www.rit.edu/security/content/client-input-filtering-practices

For More Information