Saturday, September 13, 2008

Here We Go Again!

This headline in some forms or another has become all too common. Sensitive information is stored on computers that are not well protected. Hackers breach the weak protection and steal information which can and will probably be used for malicious and criminal purposes.

U of I students' information was on breached computer

By BEN FORNELL
Register Correspondent

Iowa City, Ia. - The names and Social Security numbers of about 500 University of Iowa engineering students may have been stolen by computer hackers, the university announced Thursday.

The information was stored on a computer that was breached around Aug. 11 by hackers looking to use the machine as a server from which other users could access music and movies.

The computer system was taken offline after the breach was discovered in early August, according to Jane Drews, the U of I's information technology security officer. At that point, she said an extensive analysis was done to determine the depth of the breach.

It was during this analysis that U of I officials discovered the file that contained names and Social Security numbers.

School officials say there is no evidence the information in the file was accessed, but are warning students to monitor their credit information. No information pertaining to birthdates, grades or financial data was in the file, a university news digest said Thursday. The digest said a letter will be sent out to affected students.

Drews said the breach most likely occurred randomly, with one hacker targeting a multitude of systems to find a weak point. "It's kind of like going down the hall trying doors until you catch an open one," Drews said.

Senior biomedical engineering student Cori Thompson said the U of I should do more to protect sensitive information.

"That's extremely scary," Thompson said.

Extremely scary allright! But, it happens every day and there is STILL no culture of information security.

0 Comments:

Post a Comment

<< Home

  • All Material is Copyright © 2009 Michael McCoy and SEAS, L.L.C
  • Deter. Detect. Defend. Avoid ID Theft - www.ftc.gov/idtheft