Hackers took aim at the University of Connecticut last week, sending students a hoax email that falsely announced the death of UConn president Radenka Maric.
The university said in a statement it had determined how the hackers got access to the UConn Daily Digest email and “took corrective action to prevent it from occurring again.”
“Cybersecurity breaches are a very real threat worldwide, and they are continuously evolving as institutions adopt new safeguards and would-be hackers attempt to circumvent those measures,” said Michael Mundrane, UConn’s vice president for information technology. “However, in this case, we made a mistake that was then exploited.”
A person claiming to be the leader of a hacking group called “SiegedSec” told The Hartford Courant in an online chat that there was no political motivation for the July 5 attack against the university.
“I wanted to have a bit of fun instead of spending a lot of time and effort on a more targeted attack,” they told the Courant. “It’s a pretty small hack compared to everything else. When I carried out the hack, I was looking for low hanging fruit to just have a bit of fun, with no intention of posting it or expecting anyone to care about it.”
The hacker group obtained the username and password for the Daily Digest email account through Bitbucket, a source-code repository platform, the Courant wrote. The hacker claimed that UConn’s system did not have the added protection of a two-factor authentication system.
SiegedSec is better known for hacking government systems than higher education institutions. The group has claimed responsibility for hacking several state government websites.