University suffers massive ID data theft
Published: 11 Jan 2005 08:40 GMT
George Mason University confirmed on Monday that the personal information of more than 30,000 students, faculty and staff had been nabbed by online intruders.
The attackers broke into a server that held details used on campus identity cards, the university said. Joy Hughes, the school's vice-president for information technology, said in an internal email sent over the weekend and seen by ZDNet UK sister site CNET News.com that "the server contained the names, photos, Social Security numbers and [campus ID] numbers of all members of the Mason community who have identification cards".
Hughes warned that campus community members should contact the major credit bureaus to flag their accounts for possible identity fraud. "It appears that the hackers were looking for access to other campus systems rather than specific data," Hughes wrote. "However, it is possible that the data on the server could be used for identity theft."
George Mason is a public university located in Fairfax, Virginia, a suburb of Washington, DC, with smaller campuses in Arlington, Virginia, and Prince William County. It reported 26,796 students enrolled as of autumn 2002, and 3,908 faculty and staff members.
It also is home to the Information Security Institute, the Lab for Information Security Technology and the Centre for Secure Information Systems, which has been designated a "Centre of Academic Excellence" by the US National Security Agency.
Last year, George Mason said it would cease to print Social Security numbers on campus ID cards and would instead generate unique "G numbers" for each student and each member of faculty and staff.
That was in reaction to a Virginia state law, enacted as a response to identity fraud concerns, that required state agencies and universities to change their practices. But the server with the ID card information still stored Social Security numbers in its database, according to the George Mason email.
"We felt that the information there was secure," George Mason spokesman Daniel Walsch said on Monday. The school discovered the breach on 3 January and university police are investigating, he said.
George Mason is not alone among universities in suffering a security breach. Two years ago, online intruders broke into a server containing the credit card numbers of some 57,000 patrons of a Georgia Institute of Technology arts and theatre programme, while others lifted more than 55,000 Social Security numbers from computers at the University of Texas at Austin. Last year, more than one million California residents had their personal information leaked thanks to a pair of incidents at UCLA and the University of California at Berkeley.
Did you find this article useful?
134 out of 247 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
