Red-faced officials at the University of Texas at Austin admitted a massive
security breach of its
computer system exposed crucial personal data of approximately 55,200
individuals.
The breach was the result of a “deliberate attack” on Sunday morning, the
school warned. The vulnerable system was shut down and analysis revealed
that a “security weakness in an administrative data reporting system was
exploited by writing a program to input millions of Social Security
numbers.”
UT Austin’s VP of Information Technology Daniel Updegrove said Social
Security Numbers that matched selected individuals in one of its personnel
database were captured, together with e-mail address, title, department
name, department address, department phone number, and names and dates of
employee training programs attended.
Personal information from current and former students, current and former
faculty and staff, and job applicants was stolen.
“It is important to note that no student grade or academic records, or
personal health or insurance information was disclosed,” Updegrove said.
The U.S. Attorney’s Office, the U.S. Secret Service and other law
enforcement agencies were called in to investigate the hack but, to date, UT
Austin said there was “no evidence that the stolen data have been
distributed beyond the computer(s) of the perpetrator(s).”
“UT’s highest priority has been to identify the source of the attack and to
cooperate with law enforcement authorities to capture the perpetrator(s),
and any associated computers and data. Our second priority will be to assess
the extent of further data exposure — if any — and to establish a proactive
communication program with affected individuals and the UT community,” the
university said.