Feeds

Cash-for-grade probe may result in felony charges for 84 students

College admins receive crash-course in security

3 Big data security analytics techniques

As many as 84 people could face felony charges for participating in a bribery scandal in which student employees of a community college in Northern California charged as much as $600 per grade to change their classmates' computer transcripts. There's no word yet if administrators who failed to police their networks will take a whack as well.

Police investigators suspect a core group of student employees at the Diablo Valley College (DVC) concocted the scam by seizing on an unusually lax security policy that permitted more than 100 people to access the network that housed the college's grade system. Registrars from other schools generally say no more than five employees should have the ability to change grades and students should not be among them, according to an article in the Contra Costa Times.

The number of employees with network privileges proliferated gradually over the years, as managers repeatedly asked system admins to grant access to new employees. Student workers took advantage of other oversights, including authorized network users who stepped away from their desks without first locking their machines.

The alleged scheme lasted more than three years and only came to light through anonymous tips given to administrators. It seems some co-workers of the suspects began to wonder how they could afford so many trips to Las Vegas.

Following a 15-month investigation, campus police at DVC, about 30 miles east of San Francisco, say they are close to submitting evidence to prosecutors in Contra Costa County. Felony charges could be filed against as many as 84 people.

Many of the suspects have already transferred to prestigious four-year universities, including the University of California at Berkeley and Cal Poly San Luis Obispo. The investigation has led to nationwide suspicion of DVC transcripts from schools considering admitting applicants from the two-year college.

Since learning of the suspected scandal, college administrators have removed access to the DVC's transcript network for all but 11 employees and grade changes must be approved by a panel of senior records administrators.

Oh and we almost forgot: employees are now required to block access to their computers when they go to the loo. ®

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.