http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9018982

By Gregg Keizer
May 09, 2007
Computerworld

A hacker grabbed the Social Security numbers of more than 22,300 current and former students at the University of Missouri, the school said yesterday. It was the institution's second data break-in of the year.

According to university officials, the attack was launched from IP addresses in China and Australia and used a Web form for tracking the status of queries to the school's IT help desk. The hacker accessed the names and Social Security numbers of school employees during 2004 who were also current or onetime students; those records had been compiled for a report, but were overlooked rather than deleted.

IT staffers noticed unusual activity that began around 5:30 a.m. CDT last Thursday, then tied a large number of database query errors to the problem on Friday. Logs showed that the attacks ended at 9:34 a.m. Friday. That day, technicians disabled the account used to access the database from one IP address in China and another in Australia. The FBI was alerted on Monday.

"The hacker was able to reach the information by making thousands of queries over a span of hours, allowing the identities to be exposed one at a time," the university reported.

A Web page and toll-free telephone line have been set up to take questions from students, the school said. Officials are also contacting as many of the affected people as possible.

Yesterday, the toll-free line was overwhelmed, a school spokeswoman said today, and some callers heard a recording that said the desk was closed. That problem has been solved by boosting the number of staffers answering the phones. Computerworld confirmed that the hot line was working today, with wait times of approximately three minutes.

This is the second incident at the University of Missouri in recent months. In February, the school acknowledged that a server attack in January might have exposed the identities of 1,220 researchers on its four campuses. The spokeswoman declined to comment on whether there could be any connection between the two events.

In its message to potential identity theft victims, the university said that it "takes this matter very seriously" and noted that it wasn't the only organization to be attacked. "All companies or organizations using the Internet to serve their customers face this challenge."

Last year, reported the Columbia Missourian, then-university President Elson Floyd ordered that employee Social Security number information be deleted from online databases.

Universities are a frequent target of identity thieves, according to the data breach chronology compiled by the Privacy Rights Clearinghouse. Since Jan. 1, 27 colleges or universities have been victimized by attackers. The list includes well-known institutions such as the University of Notre Dame, Ohio State University, Purdue University and Rutgers. Several, in fact, have been hit multiple times: Notre Dame, the University of Idaho and the University of New Mexico each suffered two attacks in the first four months of 2007.