CORRECTIONS
The third paragraph Jan. 22’s web update on MIT’s DNS attack ambiguously states that “the hack and subsequent outages were due to a compromise at EDUCAUSE.” The hack and subsequent outages were due to a compromise of MIT’s account at EDUCAUSE, not EDUCAUSE’s databases.
Additionally, the third paragraph of the MIT DNS attack article in last Wednesday’s paper also ambiguously states that “the hack and subsequent outages were due to a configuration change at EDUCAUSE.” The configuration change refers to a compromise of MIT’s account at EDUCAUSE, not EDUCAUSE’s databases. According to Garth Jordan, EDUCAUSE’s vice president of operations, someone logged into MIT’s account successfully on the first try, indicating that the person knew MIT’s password when accessing the account. An email was sent to MIT’s contact on record when the account was accessed.