Feeds

Cash-for-grade probe may result in felony charges for 84 students

College admins receive crash-course in security

SANS - Survey on application security programs

As many as 84 people could face felony charges for participating in a bribery scandal in which student employees of a community college in Northern California charged as much as $600 per grade to change their classmates' computer transcripts. There's no word yet if administrators who failed to police their networks will take a whack as well.

Police investigators suspect a core group of student employees at the Diablo Valley College (DVC) concocted the scam by seizing on an unusually lax security policy that permitted more than 100 people to access the network that housed the college's grade system. Registrars from other schools generally say no more than five employees should have the ability to change grades and students should not be among them, according to an article in the Contra Costa Times.

The number of employees with network privileges proliferated gradually over the years, as managers repeatedly asked system admins to grant access to new employees. Student workers took advantage of other oversights, including authorized network users who stepped away from their desks without first locking their machines.

The alleged scheme lasted more than three years and only came to light through anonymous tips given to administrators. It seems some co-workers of the suspects began to wonder how they could afford so many trips to Las Vegas.

Following a 15-month investigation, campus police at DVC, about 30 miles east of San Francisco, say they are close to submitting evidence to prosecutors in Contra Costa County. Felony charges could be filed against as many as 84 people.

Many of the suspects have already transferred to prestigious four-year universities, including the University of California at Berkeley and Cal Poly San Luis Obispo. The investigation has led to nationwide suspicion of DVC transcripts from schools considering admitting applicants from the two-year college.

Since learning of the suspected scandal, college administrators have removed access to the DVC's transcript network for all but 11 employees and grade changes must be approved by a panel of senior records administrators.

Oh and we almost forgot: employees are now required to block access to their computers when they go to the loo. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.