[ISN] CSU: Computer holding student financial data breached

[InfoSec News]

http://www.siliconvalley.com/mld/siliconvalley/12516737.htm

Aug. 30, 2005

LONG BEACH, Calif. (AP) - Computer virus attacks against a California
State University computer storing financial data may have exposed the
names and Social Security numbers of 154 people to hackers.

The computer was left momentarily vulnerable following a series of
virus attacks earlier this month, but investigators had not determined
whether any of the data was accessed, Clara Potes-Fellow, CSU's media
relations manager, said Tuesday.

``There is a potential computer security breach,'' Potes-Fellow said.  
``We don't know exactly whether they were successful.''

The computer was used by a financial administrator at CSU's Office of
the Chancellor in Long Beach and housed records related to student
financial aid programs.

Two of the data files pertained to financial aid administrators, the
rest to students -- most of them enrolled at campuses in Chico, San
Bernardino and San Marcos, the university said.

As required by California law, the university notified the individuals
whose records were on the hacked computer.

The university was also advising them to contact credit-reporting
agencies and consider placing a fraud alert on their credit reports.

Potes-Fellow said the viruses had only affected the one computer in
the chancellor's office. She said investigators had not determined
whether the incident was linked to a similar computer break-in at CSU
Stanislaus in Turlock.

A hacker broke into a computer file server there containing the names
and Social Security numbers of nearly 900 student workers.

Campus officials did not know when the hacker broke into the computer
or whether any unencrypted personal information was stolen.