Uni student pleads guilty to USC computer hack

A 24-year-old San Diegan computer network administrator is awaiting sentencing after pleading guilty Tuesday to federal charges of illegally accessing the computer network at the University of Southern California (USC) last year. The incident occurred after he was denied admission to the school.

Eric McCarty pleaded guilty in U.S. District Court in Los Angeles in connection with his infiltration of USC's online student application system in June 2005, according to a criminal affidavit filed in the case. McCarty was accused of accessing confidential information submitted by students applying to the school and causing damage to the IT system by using a "SQL injection attack" to bypass the login authentication process of the school's online application system.

McCarty could not be reached for comment by telephone at his home this afternoon.

The case was investigated by a special agent of the FBI's cybercrimes squad in Los Angeles.

The USC student database accessed by McCarty contained the names, Social Security numbers, addresses and other personal information of about 275,000 students since 1997, according to the affidavit. Each user account was protected with a unique user name and password, but McCarty's use of certain SQL database commands allowed him to take advantage of a software vulnerability that provided access to the confidential data, according to the affidavit.

"A forensic examination of McCarty's computers seized from his residence pursuant to a federal search warrant revealed, among other things, files containing SQL injection attack codes and the user names, passwords and Social Security numbers from seven individuals in the USC applicant database," the affidavit said.

McCarty then allegedly created a new Google Gmail account in an alias name at "ihackedusc@gmail.com" to describe his actions to a staff member at a security vendor Web site. He allegedly admitted his infiltration of the database and attached a copy of some of the records he obtained.

McCarty later posted a comment on his personal blog page about the incident -- entitled "USC GOT HACKED," -- where he disclosed his involvement in the incident. "USC Got Hacked, I was involved, I'm sorry, my bad, so all the hot USC Girls, I got your phone number ladies, if your name is Amanda, Allison, Amy or Anita, expect a call any day now..." he wrote in his blog, according to the affidavit. Court documents stated that McCarty was unhappy with USC for not admitting him to the school.

Four computers and other related items were seized by authorities from McCarty's home in August 2005 as part of the investigation. USC's applicant Web site and SQL database were shut down and remained offline for more than 10 days while the incident was investigated, according to the affidavit. In compliance with California law, the university had to notify by letter all individuals whose data was contained on the admissions database of the intrusion.

McCarty is expected to be sentenced Dec 4.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Todd R. Weiss

Computerworld
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?