Univ. of Southern Calif. says database hacked

Univ. of Southern Calif. says database hacked

A University of Southern California database containing about 270,000
records of past applicants including their names and Social Security
numbers was hacked last month, officials said on Tuesday.

The breach of the university's online application database exposed
"dozens" of records to unauthorized individuals, said Katharine
Harrington, USC dean of admissions and financial aid.

She could not be more specific about the number of people whose personal
data may have been viewed by the hacker or hackers or what their
motivation was for the computer break-in.

"There was not a sufficiently precise tracking capability," Harrington
said, but added that the hackers had not been able to access multiple
records at once. Records were also only able to be viewed at random, she
said.

"We are quite confident that there was no massive downloading of data,"
Harrington said.

A University of Southern California database containing about 270,000
records of past applicants including their names and Social Security
numbers was hacked last month, officials said on Tuesday.

The breach of the university's online application database exposed
"dozens" of records to unauthorized individuals, said Katharine
Harrington, USC dean of admissions and financial aid.

She could not be more specific about the number of people whose personal
data may have been viewed by the hacker or hackers or what their
motivation was for the computer break-in.

"There was not a sufficiently precise tracking capability," Harrington
said, but added that the hackers had not been able to access multiple
records at once. Records were also only able to be viewed at random, she
said.

"We are quite confident that there was no massive downloading of data,"
Harrington said.

http://www.cnn.com/2005/EDUCATION/07/19/crime.identity.reut/

 

Ten or more years ago, someone hacked into the USC computer and gave a medical school dropout an MD, which was virtually untraceable, since at the time, there was no audit trail: the university apparently did not save any paper records (class lists, grades) at all, other than in their computer. However they claimed to be confident that this was the only such case.

 

Hacking & antiquated systems...

The university I currently work at also just was "hacked". The good news is that our student records run on antiquated hardware and operating systems and no hacker worth his/her salt bothers to write intrusion code to get into those old systems - so our privacy data was safe, more from dumb luck than from any conscientious management on the part of the IT staff. ALL the Windows systems, however, were entirely compromised and the firewall was set to "wide open" by some genius who needed to do some emergency work months ago, and then forgot to go back in and close it down. To make matters worse, the same genius forgot to put anti-virus on many of the servers in the data center.

Turns out my wireless network with DHCP and NAT at home supporting an old Win98 box was more secure than a multi-million dollar university network.

 

Carl R: "Turns out my wireless network with DHCP and NAT at home supporting an old Win98 box was more secure than a multi-million dollar university network."

John: I love it. Now, what did I do with my Epson QX-10 (with ValDocs software), state o' the art in 1982?

This goes in the same bin as a building we once owned on the northern California coast. It was the only building on the block that survived the 1906 quake. All the others were built on proper foundations, and crumbled. Ours was just resting on the ground on 12x12s, rocked back and forth a few times, and survived.