RealTime IT News

UConn Finds Hacking Program in Server

University of Connecticut officials say a server containing the personal data of many of its staff and students was compromised on at least one occasion.

The breached server contained the account information of 72,000 students and staff between the time of infection in 2003 and its recent discovery, school officials said.

The computer hacking program, known as a rootkit, was installed by malicious hackers nearly two years ago, but was detected on June 20 after a university vendor noticed that an invalid logon attempt had originated from a computer within the UConn domain, according to the school.

"Results of our examination reveal no indication that any personal information was accessed or extracted," CIO Michael Kerntke said in a statement.

An e-mail was sent to all users at UConn and the university was contacting people without e-mail accounts by mail, spokeswoman Karen Grava said.

The breach occurred on October 26, 2003, according to Kerntke, but the attack took advantage of a vulnerability in the server that was unknown at the time to the university or the vendor.

A patch has now been developed by the vendor to eliminate security breaches. Kerntke also said the personal information on the server was not easily accessible.

"We moved immediately to protect the data by taking the impacted server off line," he said. "In addition, we verified that other computers that communicate with the breached server and may contain sensitive information were secured."

Part of the attack involved the intruder installing a "backdoor" for later access, however, the attempt failed, the university said.

According to UConn officials, the nature of the compromise indicates that the server was breached during a broad-based attack on the Internet, and was not the target of a directed attack. Therefore, the attackers most likely had no knowledge of the kind of data on the server.

Universities have been the recent targets of attacks. As previously reported by internetnews.com, California State University, Chico, in March announced that hackers broke into a housing and food service computer system that contained vital information of about 59,000 current, former and prospective students, as well as faculty and staff.

Earlier in March a computer system that stored fundraising information of possibly up to 120,000 alumni of Boston College was hacked. And Harvard University said a hacker gained access to its admission systems and helped applicants log on to learn whether they had gained admission before the results were released.

"We are doing everything we can to prevent this from happening again in the future," Kerntke said. "A change to a different method of identifying users will greatly reduce the potential for personal information disclosure."