MU computer attack leaves 22,000 vulnerable

May 8, 2007

By Sara Semelka

http://www.columbiatribune.com/2007/May/20070507News054.asp



A recent attack on the University of Missouri system computer database allowed an unknown hacker, or several hackers, to retrieve 22,396 names and Social Security numbers of individuals associated with the university.

The people affected by the security breach are employees of any campus in the UM system during the 2004 calendar year who were also current or former students at the Columbia campus.

The hacker accessed the information through a Web page used to make queries about the status of trouble reports to the information technology help desk, based in Columbia.

According to the university, the information from 2004 had been compiled for a report and the resulting data was not removed from the computer system. The information has been removed since the attack was discovered late last week.

UM information technology staff first noticed irregular activity on a computer application last Thursday, and on Friday morning the activity was presumed to be a problem with the system used to track computer help desk repair calls.

Later on Friday, a security breach was confirmed. Technology staff disabled the account that was being used to access the database. The account was being used by two overseas IP addresses from China and Australia.

The university is contacting individuals affected by the attack through e-mail. Anyone affected by the security breach can request a fraud alert be placed on their credit files by calling Equifax, Experian or TransUnion, three national credit reporting agencies.

The university has set up a hotline at 573-884-7222 and 1-866-241-5619 where calls will be taken between 8 a.m. and 5 p.m. More information is also available at http://doit.missouri.edu/computersecurity.


main page ATTRITION feedback