Morning, Trojan
Posts
BREAKING: Cyber security failure could wreak havoc at USC

BREAKING: Cyber security failure could wreak havoc at USC

Tomo Chien & Anna Hsu
October 20, 2024

We send breaking news alerts for exclusive stories you need to know now.

A stunning lapse in cyber security protocol allows anybody to send fake emails from any usc.edu address — containing any content, to any person.

Morning, Trojan reporters successfully sent mail from the real addresses of USC President Carol Folt, Provost Andrew Guzman, and the school’s public relations team.

A spoofed (fake) email shown on the Apple Mail app.

It is impossible to tell the email is fake from the contact card. This address belongs to Folt’s office, and is not her direct inbox.

USC’s IT department said it was previously aware of vulnerabilities in its email protocol — but not the full extent until it was contacted for this story. It is actively working to resolve the problem, a spokesperson said.

Read the full story here.