ZDNet UK

CNET NETWORKS UK BUSINESS SITES:
atlarge.com
BNET UK
silicon.com
SmartPlanet.com
ZDNet.co.uk

ZDNet.co.uk - Winner of Best Business Website 2007

You are here: ZDNet.co.uk > News > Security

Security threats Toolkit

Sacred Heart becomes latest university to be hacked

Greg Sandoval CNET News.com

Published: 26 May 2006 09:55 BST

Sacred Heart University is the latest US university to be hit by hackers, according to a message posted on the university's Web site.

The university said in the post that it discovered the intrusion on 8 May, and notified police and the FBI, which have launched investigations. Sacred Heart offered no details on when the hackers may have entered the system or the kind of information that may have been exposed. School officials could not be reached.

But television news channel WTNH, reported on Thursday that the school has notified about 135,000 people that their personal information, including Social Security numbers, may have been compromised. Some of the people notified, according to WTNH's report, have never been associated with Sacred Heart.

The news channel quoted an unnamed source who said that the school told him that his name, address and Social Security number were obtained by the university from information he provided when he took his college entrance exams eight years ago. The report didn't say why Sacred Heart would collect such data, but schools often gather such information for recruiting purposes.

Universities are easy pickings for data thieves, or so it seems to critics. Dozens of universities from across the US have suffered electronic intrusions during the past two years, and some security experts have questioned whether universities are committed enough to safeguarding sensitive data entrusted to them.

Avivah Litan, a security analyst with research firm Gartner said the nation's universities don't take the issue of security serious enough and "don't want to spend money" on taking necessary precautions.

Litan made the statements last week after learning that hackers had control of a computer server at Ohio University for more than a year. The university said earlier this month that two other servers were broken into and that about 200,000 Social Security numbers were exposed as well as some student health records.