Data of UT Dallas students, staff potentially stolen

December 12, 2006

By Jaime S. Jordan, Web Editor

http://charlotte.bizjournals.com/dallas/stories/2006/12/11/daily16.html



The University of Texas at Dallas discovered over the weekend that social security numbers and other sensitive information relating to 5,000 students, faculty members and staff may have been exposed by a computer network intrusion.

Phone numbers, e-mail addresses and home addresses also may have been exposed.

"The University of Texas at Dallas deeply regrets that data on its network may have been placed at risk by a deliberate attack through the Internet," said President David E. Daniel in a communication to students, faculty and staff. "The university is responding aggressively to defend the integrity of the system and to assess the level of the threat to information contained on the system."

Daniel said there has been no indication the information has been disseminated or used to harm anyone at this time.

The potential data disclosure was discovered by a team of UT Dallas staff on Sunday, Daniel told the Dallas Business Journal in an interview Tuesday.

Daniel said the university believes the hacker attack came from the outside using the Internet, but because the investigation is ongoing he declined to talk about the particulars.

"We are focusing very intense efforts on two activities," Daniel said. "One, is defending the integrity of our network from potential future attacks, accessing how this attack occurred and looking for any way to minimize the possibility of future attacks."

Secondly, the university is contacting anyone who may have been affected and informing them of ways they can defend themselves from identity theft and other harm.

Daniel said anyone concerned about the potential release of their information can go to the university's Web site, www.utdallas.edu/datacompromise/form.html, and university officials will check their names against a master list and contact them. People who are concerned they might have been also can call 972-883-4325.

People whose information was known to have been involved in the potential disclosure include:

* Students and staff in the Erik Jonsson School of Engineering and Computer Science, as well as applicants for admission dating back as far as 1993.
* All staff and faculty of the university, who were employed from September 2003 through August 2005.

The UT Dallas breach is not the first breach of university data the University of Texas System has seen this year.

In October, the UT System appointed a chief information security officer to build and oversee a system-wide plan to protect UT's information.

The appointment came after about 2,500 student records for University of Texas at Arlington students were stolen at the end of September. The UT System's flagship school in Austin has suffered two major IT security breaches in the last few years -- one in 2003 and one earlier this year in April at the McCombs School of Business. The McCombs breach exposed the records, including Social Security numbers and other sensitive information, of 197,000 people.

Daniel said the university's information research staff has talked with UT System officials during the course of its investigation.


main page ATTRITION feedback