Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Hacker gets private data on students at Ohio University

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Hacker gets private data on students at Ohio University
Date: Fri, 12 May 2006 03:11:56 -0500 (CDT) 
http://www.ohio.com/mld/beaconjournal/14554413.htm

Associated Press
May. 11, 2006

ATHENS, Ohio - Private information for all students enrolled at Ohio
University since fall 2001 was stolen in the third electronic security
breach discovered in three weeks, the school reported Thursday.

It was the first time Social Security numbers and other private
information for current students was compromised in the data thefts.  
The FBI found and alerted the school to the first breach last month,
and two more have been discovered in the university's own review of
all its systems.

More breaches could be found as 20 employees working seven-day weeks
continue the review, which could take another 10 days to finish, said
Bill Sams, head of information technology. "We're going through every
system from top to bottom," he said.

Names, birth dates, Social Security numbers and medical information
for 60,000 people were accessed in records at the school's Hudson
Health Center, the university discovered last Thursday. The student
clinic has records on all Athens campus students dating back to 2001,
plus faculty, workers and regional campus students who sought
treatment there.

As it did with the previous thefts, the university sent e-mails
Thursday to the affected people and will follow up with letters.

The alerts couldn't be sent to students earlier because names in the
database couldn't be accessed while the school backed it up to
preserve evidence and rebuilt it with proper security, Sams said.

The university reported two data thefts within three days of each
other in late April. Someone gained unauthorized access to records on
more than 300,000 people and organizations in the alumni relations
department, including 137,000 Social Security numbers, and to a server
at the school's business incubator that contained e-mails and patent
and intellectual property files.

After those thefts, the university set up a Web site and hot line,
(740) 566-7448 or (800) 901-2303, with tips on how to prevent
fraudulent use of personal information.

The school also has hired a security consultant.

"Given the breadth and the number of these we are operating under the
assumption that we've got to make major changes very quickly," Sams
said.

Ohio University also has called other schools that had breaches,
including Miami University in Oxford in southwest Ohio. Miami reported
in September that someone had accidentally posted a grade report that
included student names and Social Security numbers on a site
accessible by the Internet.

ON THE NET

Ohio University data theft: http://www.ohiou.edu/datatheft



_________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.
www.blackhat.com
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Hacker gets private data on students at Ohio University, InfoSec News <=
Previous by Date:  [ISN] Ship security system draws FBI's attention, InfoSec News
Next by Date:  [ISN] Teenage 'e-mail bomber' heads back to court, InfoSec News
Previous by Thread:  [ISN] Ship security system draws FBI's attention, InfoSec News
Next by Thread:  [ISN] Teenage 'e-mail bomber' heads back to court, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]