‘Jeopardy!’ champ hacked accounts of college president, vice president

Stephanie Jass (File photo)
 

ADRIAN, MI – Stephanie Jass, a “Jeopardy!” champion and former Adrian College professor, took advantage of a campus-wide password reset to access the email accounts of President Jeffrey Docking, and outgoing Vice President Agnes Caldwell, according to a Michigan State Police report.

As a result, Jass had a document “that consisted of notes and comments and ‘problems'” regarding faculty members, a fellow professor told a detective.

The professor, since promoted, learned this during a lunch meeting with Jass on May 3 at an Adrian cafe. The two talked of academic staff in need of improvement and mentoring, Jass revealed the document on her cell phone, and told her associate it was from the accounts of Docking and Caldwell.

“During the conversation, Jass commented to (the professor) that Caldwell did not like her and that Docking was ‘crooked,'” states the report, obtained this week through a Freedom of Information Act request

“Based on the tone used… (the fellow professor) stated that she felt like the information was being downloaded for blackmail although this was never verbalized.”

Jass, 47, of Tecumseh was charged in December with unauthorized access to a computer, program or network, and using a computer to commit a crime, both felonies.

She waived her right to a preliminary examination last month in Lenawee County District Court and is next to appear for a pretrial hearing Feb. 28 before Circuit Judge Margaret Noe, according to court records.

Jass, once an assistant professor of American history, was “terminated with cause,” spokesman Frank Hribar, vice president for enrollment and student affairs, said Saturday.

Efforts to contact both Jass and her Farmington Hills-based attorney Raymond Correll, for this and past stories, have been unsuccessful. Jass, though cooperative in surrendering her computer devices, did not submit to a police interview.

Jass admitted to school authorities to accessing the emails of Docking, Caldwell, Assistant Vice President Bridgette Winslow, several unnamed fellow faculty members and students, including her stepson. She made these acknowledgements May 8 in a meeting with Human Resources Director Renee Burck; Vice President of Business Affairs Jerry Wright; and Patrick Quinlan, president of the faculty union, according to a timeline put together by the college and contained in the police report.

Because of the ongoing criminal proceeding and a pending arbitration case involving the union, Hribar said the college would be “quiet” in its response to the the allegations against Jass or her suggested motivation.

“This is an internal issue and we feel it inappropriate to offer public comment on it,” Quinlan wrote in an email Saturday. 

In an interview with state police Detective Sgt. Rich Cruz of the Cyber Command Center, the fellow professor and whistleblower said Jass’ stated acts “felt criminal immediately” and the professor emailed Burck the following day, May 4.

On May 5, the college deactivated Jass’ email account and access to all other college software. The locks to her office door were changed and her desktop computer was confiscated, according to the timeline.

As the inquiry was underway, the college suspended Jass with pay because she “allegedly breached the expectations of professional conduct” outlined in a collective bargaining agreement, states a May 8 letter signed by Burck and contained in the report. Hribar, out of state this weekend, was not certain of her date of termination.

Other information about the content of the hacked emails is redacted from the report. According to Jass’ lunch companion, Jass downloaded all materials from Caldwell’s account. Caldwell, then the dean of academic affairs, is now a college administrator in Ohio.

There was not concern about sensitive information being circulated, Hribar said. “I just think some specific emails have been compromised and that is absolutely inappropriate.”

Jass was able to access the accounts because of an April 24 issue with the college email system, hosted by Google. Hribar said there was network outage caused by loss of power. 

On April 25, users received a test message with a generic, standard passcode: “Please attempt to login to Gmail using this password. You should be prompted to change password after login…”

Not everyone, however, was prompted to do so. Some did make the change using a tutorial. Some received an error and were unable to create a new password, the timeline states. Others did not alter the password at all. Neither Docking nor Caldwell immediately changed the password.

“That moment with IT publishes a universal passcode for EVERYONE’s email and you freak out for a second until you realize that: 1. No one wants to read your stupid emails; 2. You’ve been forwarding all your work emails to your private Gmail, so there is nothing there anyway,” Jass wrote on Facebook on April 25.

The method “worked just fine, had there not been manipulation of the system,” Hribar said.

Such procedure has since been modified, he said. “Clearly, now, we have a fully secure database and system.”

At no point were student, client or personnel records vulnerable, Hribar said.

On May 5, Burck contacted the state police.

The subsequent police report, often relaying technical details, indicates Jass accessed emails while using an internet network at First Presbyterian Church of Tecumseh, where she served as an elder.

Authorities conducted a “forensic analysis” of a college laptop Jass used and found “numerous text fragments.” Caldwell and Docking confirmed the fragments referenced emailed information that would not have been shared with Jass.

“Docking added that some of the emails were covered by attorney-client privilege,” Cruz reported.

Until recently, Jass was in the news for her success on the long-running TV quiz show “Jeopardy!” She previously had the record for most wins by a woman. Jass competed in the champions and Battle of the Decades tournaments.

Source