ISU reports computer security breaches

December 12, 2005

By Register Staff Report

Someone recently breached the security of two Iowa State University computers that contain sensitive information, according to a news release from the university.

One of the computers held approximately 2,500 encrypted credit card numbers of athletics department donors. ISU information technology staff who investigated the computer breaks-ins say the intruder could not have read the credit card numbers because they were encrypted.

The second computer was used to enter time card information for several university departments and contained Social Security Numbers of more than 3,000 Iowa State staff. Technology staff members say it's unlikely that the intruder accessed the files with that information.

"Analysis of both computers indicates the intruder was not looking for personal data, but for space to distribute pirated movies," said Maury Hope, associate chief information officer in Information Technology Services.

Iowa State's information technology staff removed intrusive software that had been installed on the computers and are tightening security measures on other computers to prevent similar intrusions in the future, Hope said.

All employees whose personal data was on the time card computer have been notified, Hope said.

"Although we don't believe the intruder accessed personal data, we don't know that for certain,. he said. .We've provided those employees with precautionary steps they can take, such as keeping an eye on their credit reports."

[an error occurred while processing this directive]