Full Story about a Kid Suspended for Hacking School's Software
The trending Topic ending last week was about an 11th grader student named Bill Demirkapi who lives in Lexington, Massachusetts who was able to find a vulnerability on Aspen software his school runs with. This Software stores all his school's record such as students password, date of birth, transcript and many more.
After Bill Demirkapi found out the software has some bugs the school doesn't know about, his plan was to responsibly inform the company about this flaw and for them to fix the issue which will protect the student's sensitive data such as records and personal data. But his new approach might have caused more issue after he tired warning Follett company and he got no response
His approach was by using a feature on the software to send a message to Follett; "Hi, there bill Demir Kapi 123 was here. Follett Corporation has no security. Here are your cookies, no worries I didn't steal them :)," Demirkapi wrote. This message didn't send to the company, instead, it was sent to the school's "parents, district administrators, teachers, everyone," and this was drastically because of the population in the school and then he was immediately suspended from school for the incident.
"The database wasn't restricted for every school," Demirkapi said. "[An attacker would have] access to every single school that was using Blackboard Community Engagement," Demirkapi said he never accessed any student data other than his own.
This shows how low security can cause data loss and sensitive information being stolen by hackers. Software installed on a PC should be well checked and understood to know if students or personal data are at high risk. That being the case, Android users should check out the 10 best Antivirus Apps for Android devices.
After Bill Demirkapi found out the software has some bugs the school doesn't know about, his plan was to responsibly inform the company about this flaw and for them to fix the issue which will protect the student's sensitive data such as records and personal data. But his new approach might have caused more issue after he tired warning Follett company and he got no response
His approach was by using a feature on the software to send a message to Follett; "Hi, there bill Demir Kapi 123 was here. Follett Corporation has no security. Here are your cookies, no worries I didn't steal them :)," Demirkapi wrote. This message didn't send to the company, instead, it was sent to the school's "parents, district administrators, teachers, everyone," and this was drastically because of the population in the school and then he was immediately suspended from school for the incident.
Read Also: How To Make a Fake Blue Screen of Death (Prank) in Computer“The school wasn’t really happy about it; I can understand," Bill Demirkapi said while presenting his research on Friday at the annual Def con hacking conference. The crowd applauded when he described his broadcasted message. But nevertheless, the vulnerabilities were fixed.
"The database wasn't restricted for every school," Demirkapi said. "[An attacker would have] access to every single school that was using Blackboard Community Engagement," Demirkapi said he never accessed any student data other than his own.
This shows how low security can cause data loss and sensitive information being stolen by hackers. Software installed on a PC should be well checked and understood to know if students or personal data are at high risk. That being the case, Android users should check out the 10 best Antivirus Apps for Android devices.
Comments