RealTime IT News

Another University System Suffers Breach

The University of Georgia says it is working with state and federal officials to determine if a computer hacker accessed the names and Social Security numbers of more than 1,600 current and former employees.

Most of the employees work in the College of Agricultural and Environmental Sciences, one of the largest of the university's 15 colleges, according to Tom Jackson, a UGA spokesman.

However, the breach may also affect others who have received payments from the college, he said.

University officials believe 2,429 Social Security numbers were exposed, but say many of those were duplicated numbers, which likely drops the number exposed by one-third.

The university discovered the illegal queries, which apparently came from outside the United States, on Sept. 19. It immediately took steps to block this sort of exploitation, said Jackson.

An investigation is under way to determine precisely which information may have been exposed. However, school officials say the database did not contain credit-card information.

"The irony is that the breach occurred while the university is trying to do away with using Social Security numbers," Jackson said.

Although the school has begun the laborious task of using alternative forms for identifying students and staff, the process of changing records for 33,405 students 9,300 staff members will take some time, Jackson said.

"Universities are an open environment," he said. "We've got to get away form using Social Security numbers for ID. But it's not like you can just throw switch on and it's done."

Each individual in the database is being notified by e-mail and regular post mail of the incident, Jackson said.

Last year, a cracker broke into the school's system and may have accessed the credit-card information of approximately 32,000 students. The university never caught the hacker and was not aware of any misuse of that information, according to Jackson.

"It indicated the hacker really didn't know what they had," Jackson said.

Universities have had their share of computer security problems over the past year. Large schools, like the University of Georgia, often provide hackers with a tempting target.

In June the University of Southern California joined the growing number of schools to report a computer security breach when its online application database was broken into, leaving 270,000 records exposed.

In March crackers broke into two schools' systems. A Boston College computer system that stored fund-raising information of possibly up to 120,000 alumni of Boston College was breached.

And California State University, Chico, suffered a breach of its housing and food service computer system, which contained information about 59,000 current students.