Server hosting nuCuisine website gets hacked
October 3, 2012
A computer server of Sodexo, the company that manages nuCuisine, was hacked Monday night by an unknown source, according to Sodexo representatives.
Starting at approximately 9:30 p.m., students attempting to log on to the website of Northwestern’s food service provider were instead directed to “Latinhost.net,” a page advertising Latino pornography.
Steve Mangan, nuCuisine district manager, said the hack was not personally targeted at Sodexo.
“We think it's some sort of a random hack,” he said. “This does not appear to be an attack on Sodexo.”
Mangan said the company’s IT employees were immediately aware of the issue, which he said was resolved by 2 a.m. Tuesday. However, according to students and screenshots taken by The Daily, the website was still redirecting to the incorrect URL on certain Internet browsers, including Google Chrome, as late as 6 p.m.
Jim Roberts, director of information technology for Student Affairs Information Technology, said the University has no control over the nuCuisine site, which is hosted by Sodexo. This type of outsourced website management makes NU more vulnerable to these kinds of problems, he said.
“With vendor applications like this, some of it leaves control of the University,” Roberts said. “We put our trust in vendors, and we can't constantly monitor what their practices and procedures are for maintaining the security of the website.”
Although Sodexo’s system has security features to ward off malicious attacks, the hacker was still able to affect the access point to the page. Mangan said no personal student information was compromised during breach in the server’s security.
However, because the same server is used for some of its other campus locations, the issue most likely affected other colleges’ sites as well, he said.
Both Sodexo and University representatives said they could not recall any similar situations occurring with NU-related sites in the past.
News of the glitch in the nuCuisine site quickly spread among NU students through Facebook and Twitter. Numerous students shared it with their friends on various social networks.
Weinberg sophomore Kayla Hammersmith said she shared the link with her friends, referring to the issue as “funny and shocking and confusing.”
“I Facebook messaged it to a couple people, and I also posted it as my status because I felt everyone deserved the chance to appreciate it,” Hammersmith said.
Medill sophomore Molly Shaheen said she learned about the problem on Facebook and quickly shared it with several friends.
“I didn’t think when it happened it was that big of a deal,” Shaheen said. “I don’t think anybody was offended by it. I think people thought it was a funny thing.”
As of end of business Tuesday, Mangan said he had not received any complaints from students. He added that the timing of the server’s security breach was fortunate, as it occurred in the late evening.
“Luckily it happened at a time when there was probably low usage,” Mangan said. “It would have been a different story if it had popped up at 9 in the morning when people were looking for their lunch menu.”