UT Austin hack yields personal info on thousands

March 6, 2003

By Paul Roberts, IDG News Service


MARCH 06, 2003 (IDG NEWS SERVICE) - An Internet-based attack on computer systems at the University of Texas (UT) at Austin yielded personal information of more than 55,000 individuals, including current and former students as well as current and former faculty, staff and job applicants, according to a statement posted on the university's Web site.

The attack was first detected on Sunday, when computer systems personnel at the university noticed that a computer was malfunctioning.

Analysis of the problem revealed that it was the result of an attack and that an administrative data reporting system used by the university had been compromised in that attack, according to the university.

The attacker or attackers apparently used a "blunt-force" approach to cracking the system, writing a program that input millions of Social Security numbers to the system. Social Security numbers that matched records in the UT database were captured.

In addition to the victims' Social Security numbers, the attackers gained access to e-mail addresses, titles, phone numbers and university department addresses. Academic and health records weren't exposed, the university said.

Approximately 55,200 individuals had some of their data exposed in the attack, the university said.

The university said it's working with the U.S. attorney's office as well as the U.S. Secret Service to locate those responsible for the break-in and is working to contact all of those affected by the attack.

main page ATTRITION feedback