COLLEGE STATION, Texas -- Hackers in Saudi Arabia infiltrated Texas A&M's phone system, using it as a conduit to make free collect calls, officials said.
Phone carriers alerted the school to the suspicious activity Thursday, said Walt Magnussen, A&M's associate director of telecommunications. The university sent an emergency e-mail to employees about the attack that urged them to change their mailbox passwords.
The fraud affected five voice mailboxes among the university's 25,000 phone lines. The number or cost of the unauthorized calls wasn't immediately known, The Eagle reported Friday.
"Initial indications look like we caught it pretty quickly," Magnussen said.
The hackers guessed each mailbox password because it was the same as the phone number.
"It's like using your name for your password," he said. "It's one of the first things people are going to guess."
The hackers manipulated the outgoing messages by recording "Hello?", followed by a pause, then "Yes." The new recording was designed to fool international operators into thinking they were talking to a live person who answered the phone, then agreed to take a collect call.
Once inside the mailbox, hackers could transfer the call anywhere they wanted at A&M's expense. It may take a month or more to learn how much damage was done, Magnussen said.
The call transfer feature on university lines has been disabled to prevent a future attack.
Magnussen said A&M has successfully shut down similar attacks made from within Texas jail facilities, where inmates must use pay phones to call out. This is the first known attack from overseas.