University of Connecticut officials say a server containing the personal
data of many of its staff and students was compromised on at least one
occasion.
The breached server contained the account information of 72,000 students
and staff between the time of infection in 2003 and its recent discovery,
school officials said.
The computer hacking program, known as a rootkit, was installed by
malicious hackers nearly two years ago, but was detected on June 20
after a university vendor noticed that an invalid logon attempt had
originated from a computer within the UConn domain, according to the school.
“Results of our examination reveal no indication that any personal
information was accessed or extracted,” CIO Michael Kerntke said in a statement.
An e-mail was sent to all users at UConn and the
university was contacting people without e-mail accounts by mail,
spokeswoman Karen Grava said.
The breach occurred on October 26, 2003, according to Kerntke, but the
attack took advantage of a vulnerability in the server that was unknown at the
time to the university or the vendor.
A patch has now been developed by the vendor to eliminate security
breaches. Kerntke also said the personal information on the server was not
easily accessible.
“We moved immediately to protect the data by taking the impacted server
off line,” he said. “In addition, we verified that other computers that
communicate with the breached server and may contain sensitive information
were secured.”
Part of the attack involved the intruder installing a “backdoor” for
later access, however, the attempt failed, the university said.
According to UConn officials, the nature of the compromise indicates that
the server was breached during a broad-based attack on the Internet, and was
not the target of a directed attack. Therefore, the attackers most likely
had no knowledge of the kind of data on the server.
Universities have been the recent targets of attacks. As previously
reported by internetnews.com, California State University, Chico, in
March announced that hackers broke into a housing and food service computer system that contained vital
information of about 59,000 current, former and prospective students, as well
as faculty and staff.
Earlier in March a computer system that stored fundraising information of
possibly up to 120,000 alumni of Boston College was hacked. And Harvard
University said a hacker gained access to its admission systems and helped
applicants log on to learn whether they had gained admission before the
results were released.
“We are doing everything we can to prevent this from happening again in
the future,” Kerntke said. “A change to a different method of identifying
users will greatly reduce the potential for personal information
disclosure.”