Subscribe to The Brown Daily Herald Newsletter

Sign up for The Brown Daily Herald’s daily newsletter to stay up to date with what is happening at Brown and on College Hill no matter where you are right now!


University News

Hack halts first-year sexual assault training

Security breach of training website leaves first-years’ private information vulnerable

Senior Staff Writer
Tuesday, September 15, 2015

The University’s new online sexual assault prevention training for first-years was hacked last month. As a result, the website was taken down Aug. 26, and some first-years have not completed the program, said Ravi Pendse, vice president for Computing and Information Services.

The program, called Agent of Change, experienced a breach in website security that compromised important student data, wrote Russell Carey ’91 MA’06, executive vice president for planning and policy, and Maud Mandel, dean of the College, in a Sept. 4 email to first-years.

Students’ private information such as student identification numbers, email addresses, Agent of Change usernames and passwords, gender identity, race, ethnicity, relationship status, sexual orientation and institution name were vulnerable to the intrusion, according to a Sept. 4 press release by We End Violence, the third-party vendor of Agent of Change.

We End Violence discovered a “potential intrusion” into its website server Aug. 24, according to the press release. Exercising caution, the organization took down the Agent of Change website Aug. 26 and hired web developers to restore the site with enhanced security features. First-years who did not complete the module before Aug. 26 have not had access to the site since.

Agent of Change brought in forensic experts to figure out how the hackers accessed the information, and an investigation is ongoing, Pendse said. We End Violence has not yet gathered any evidence indicating user information has been misused, according to the press release.

“Agent of Change only had direct information that students submitted on the site,” Pendse said. Other information such as students’ social security numbers and bank account numbers are stored with the University and were not accessible to the Agent of Change hacker, he added.

The University remains unsure of when the program will be relaunched, Pendse said. An abnormal increase in phishing has not been noted since the hack, he said.

Carey and Mandel encouraged students who used the same password for  both their Brown accounts and their Agent of Change accounts to promptly change their Brown passwords. Students also have the option of using a two-step verification for their Brown email accounts, which requires a password input on their computers as well as their mobile phones, Pendse said.

Several first-years interviewed expressed little worry over their compromised data.

“I didn’t change my password,” said Logan Cody ’19. “I wasn’t worried about it.”

“I got the email, and I disregarded it,” said Max Naftol ’19. “I don’t care as much as I probably should,” he said, adding that he also did not change his password.

To stay up-to-date, subscribe to our daily newsletter.

  1. FreudianismIntensifies says:

    This is hilarious

  2. Hillary Aious says:

    Chris Paxson, time to appoint more committees. Do you realize that by now you look like a clown? Aren’t you embarrassed?

Comments are closed. If you have corrections to submit, you can email The Herald at