Cyber Incident Victim: Mount Holyoke College
Date:
Mar 2016
Location:
United States of America
Summary
A white supremacist flyer containing swastikas was remotely printed on public networked printers at Mount Holyoke College and multiple other universities, distributed by Andrew Auernheimer through mass print jobs sent to internet-exposed devices without unauthorized access. The perpetrator exploited openly accessible university printers identifiable via network scans, later claiming to have targeted all North American public printers indiscriminately; similar incidents involving anti-LGBT content occurred subsequently at some locations through apparent copycat actions. The incident highlighted vulnerabilities in printer security configurations, prompting at least one institution to implement traffic filtering measures to block such unauthorized print jobs.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In late March 2016, public network printers at multiple U.S. universities, including Mount Holyoke College, unexpectedly printed white supremacist flyers containing swastikas and offensive messages. The incident occurred when Andrew "Weev" Auernheimer, a hacker and internet troll residing in Serbia, mass-distributed print jobs to publicly accessible printers across North America. Auernheimer exploited the open network configurations of university printers, many of which were intentionally exposed to the internet to facilitate remote printing for students and faculty. Using basic network scanning techniques, he identified vulnerable devices without requiring unauthorized access to systems. The flyers were printed at Mount Holyoke alongside Princeton University, University of California-Berkeley, University of Massachusetts-Amherst, Brown University, and Smith College, among others. Auernheimer later claimed to the New York Times that he hadn't specifically targeted educational institutions but had instead broadcast the print jobs indiscriminately to all discoverable public printers. The incident highlighted systemic vulnerabilities in how organizations secured networked peripheral devices.
Universities responded by investigating the unauthorized print jobs and implementing network safeguards. Stony Brook University's Chief Information Security Officer Philip Doesschate confirmed in a March 27 email that his institution had similarly been affected, prompting immediate implementation of internet traffic filters to block such malicious print requests. While no legal action was anticipated against Auernheimer since he exploited existing public access rather than breaching secured systems, the incident revealed operational security gaps in printer management practices. A subsequent copycat incident on March 28 involved anti-LGBT flyers printed at UC Berkeley and UMass Amherst, though Auernheimer denied involvement. The original printer attacks drew attention to Auernheimer's history, including his 2013 conviction (later overturned) for exposing AT&T iPad customer data and his subsequent relocation to Belgrade. Institutional responses focused on hardening network perimeters rather than pursuing criminal charges, as the act technically violated no computer intrusion statutes.