RSSU. of GA Leaks Social Security Numbers
By Nate Mook | Published September 29, 2005, 12:45 PM
The University of Georgia acknowledged Wednesday that a hacker had breached the school's network and potentially accessed up to 2,429 Social Security numbers belonging to current and past faculty. Because of duplicate records, however, university officials believe the number of employees affected is smaller.
The intrusion took place on September 19 from a source outside the United States, which queried the exposed server for personal data. The university has launched an investigation and said no credit card information was contained in the database.
The school is beginning to contact those who may be at risk for identity theft via e-mail or postal mail.
"While there is no evidence that information was actually accessed, the potential exists for the intruder to match names and Social Security numbers, so it is imperative that we notify the individuals involved," said Stan Gatewood, UGA's chief information security officer, in a statement.
Georgia joins a long string of universities struggling with leaks of faculty and student data following network break-ins.
Earlier this month, the University of California, Berkeley announced it had recovered a stolen laptop containing Social Security numbers of 98,000 students and applicants, but could not say whether the data had been accessed. In March, California State University, Chico, informed students and staff that as many as 59,000 may have had their personal information accessed by an intruder.
This is not the first time the University of Georgia has faced data theft. Last year, a hacker accessed the school's network and potentially obtained credit card information on 32,000 students. Fortunately, no reports of the card numbers being misused ever cropped up.
we need to start holding these guys responsible too, i'm sure there would be more care taken if so.
Score: 0
|My god.. This isnt rocket science. How hard is it to place all these records on 1 machine and block any and all incoming traffic to it.
Dont blame the hacker, blame your Information Security department for being incompetent.
Also as far as the berkley incident. I mean how in the world did any decent IT profesional allow for 98,000 records to be copied over to a laptop without it firing a warning about such huge amount of data being copied.
Score: 0
|"Also as far as the berkley incident. I mean how in the world did any decent IT profesional allow for 98,000 records to be copied over to a laptop without it firing a warning about such huge amount of data being copied."
If you take the time to read the linked article you will see what they meant was that a laptop (that already contained the SSNs) was stolen, and they recovered it.
Which brings up the very serious question of what in gods name were the IT staff thinking allowing that information to be placed on a laptop...
Score: 0
|Exactly, I am an IT admin myself, and anyone in their right mind would never expose a security threat like that, its just ludicris
Score: 0
|Whoooopsie :-O
Score: 0
|