[ISN] University of Texas Computer Breach Exposes 200,000 Records
InfoSec News
isn at c4i.org
Tue Apr 25 03:29:43 EDT 2006
http://www.informationweek.com/news/showArticle.jhtml?articleID=186700537
By Gregg Keizer
TechWeb.com
Apr 24, 2006
Nearly 200,000 records of alumni, faculty, staff, and current and
prospective students of the business school at the University of Texas
at Austin have been exposed in a data breach, school officials said
Sunday. It was the second at the university in three years.
The breach was discovered Friday, and involved 197,000 records, some
of which included Social Security numbers and "possibly other
biographical data," UT said in a statement issued Sunday.
"It is our highest priority to notify those who may be affected by
this security breach," said William Powers Jr., the university's
president. "We have notified the attorney general and his Internet
enforcement unit and are doing everything we can to protect those
whose information has been accessed unlawfully."
A similar incident in 2003 was eventually traced a former student,
Christopher Phillips, who was found guilty in 2005 of accessing
protected computers without authorization, as well as possessing
stolen Social Security numbers.
For multiple hacks over a two-year period that netted him 45,000
names, Phillips was sentenced in September 2005 to five years
probation, and was ordered to pay $170,000 in restitution. He was also
banned from using the Internet except for school or work activities.
The McCombs School of Business has posted a Web page with advice on
dealing with data theft, and has published phone numbers, including a
toll-free line, to take calls from current and former students, staff,
and faculty.
The UT breach was far from the largest so far this year. According to
the Privacy Rights Clearinghouse, which maintains a list of all data
losses since February 2005, there have been nine breaches of 200,000
or more identities since January 1.
More information about the ISN
mailing list