A hacker has invaded a UNLV server containing thousands of records with foreign students' information, UNLV officials announced Friday.
University of Nevada, Las Vegas computer analysts were conducting a routine security check on network activity when they found a hacker accessing the Student and Exchange Visitor Information System, also known as SEVIS.
"We're not sure that he got very far with it. We caught him in the middle of it and took the server off-line, so we're not sure if he got much and how much it is," said Johnie Sullivan, UNLV information security officer and a former FBI computer security specialist.
University officials declined to detail specifics about the attack such as when it happened. But they said the hacker could have accessed the records of as many as 5,000 former and current UNLV international students. The FBI is investigating the incident.
Analysts have determined the suspect is not a university student or employee. Sullivan said this is the first major hack UNLV has experienced on a student data server, Sullivan said.
They're treating the incident as a possible identity theft case, he said. The office of International Students and Scholars on campus sent an e-mail to all students and scholars in the database to refer them to identity theft protection Web sites.
Those who believe they might be a victim can contact the Federal Trade Commission at www.consumer.gov/idtheft or call 1-877-ID-THEFT.
UNLV staff also is working with students face to face, said Rebecca Mills, vice president of student life.
The U.S. Citizenship and Immigration Services uses SEVIS, an Internet-based system, to maintain current information on nonimmigrant students, exchange visitors and their dependents.
The program, which is part of the Department of Homeland Security, tracks information such as foreign student enrollments, visa status, course load, address and name changes, and off-campus employment. After Sept. 11, 2001, universities, colleges and flight schools have been required to use SEVIS to help prevent terrorists from entering the country as students.
Sullivan said the hacker was storing potentially stolen data from somewhere else on the UNLV server and attempting to download university data when he was caught. The old server went to the FBI crime lab and a new server is up and running, he said.