University breach exposes data on 197,000 people

University of Texas at Austin falls victim to network security breach.

In another reminder of the vulnerability of university networks, the University of Texas at Austin (UT-Austin) over the weekend announced that someone had broken into a computer at its McCombs School of Business and gained access to a database containing confidential information on about 197,000 people.

The break-in was discovered on Friday after university officials noticed “unusual activity” on the database server, said Dan Updegrove, vice president of information technology at the school. Citing an ongoing investigation, he did not say what the unusual activity was nor would he elaborate on how the break-in might have occurred. But Updegrove did say that the IP addresses involved in the attack are in the Far East, suggesting that the hacking was done by external hackers.

[View more Data Security Breaches coverage] “One hundred percent of our effort right now is on going through the database log files to determine which individuals are at risk,” Updegrove said. “We have shut down the vulnerable systems, but the detailed analysis on how the intruder got in, at the moment, is of less interest to us than communicating with the [affected individuals]”, he said.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

In another reminder of the vulnerability of university networks, the University of Texas at Austin (UT-Austin) over the weekend announced that someone had broken into a computer at its McCombs School of Business and gained access to a database containing confidential information on about 197,000 people.

The break-in was discovered on Friday after university officials noticed “unusual activity” on the database server, said Dan Updegrove, vice president of information technology at the school. Citing an ongoing investigation, he did not say what the unusual activity was nor would he elaborate on how the break-in might have occurred. But Updegrove did say that the IP addresses involved in the attack are in the Far East, suggesting that the hacking was done by external hackers.

[View more Data Security Breaches coverage] “One hundred percent of our effort right now is on going through the database log files to determine which individuals are at risk,” Updegrove said. “We have shut down the vulnerable systems, but the detailed analysis on how the intruder got in, at the moment, is of less interest to us than communicating with the [affected individuals]”, he said.

The breached database contained confidential information, including names, dates of birth and Social Security numbers, belonging to current and prospective students, alumni, faculty members, faculty staff and corporate recruiters.

Based on a preliminary investigation, it appears that information from the business school’s computer system may have been breached as early as April 11. An analysis of logs so far shows that “many fewer” than 197,000 people may actually have had their data exposed, Updegrove said. But “given the size and complexity of the log file analysis” involved it will be a few days before a more exact picture emerges on how many people had information compromised, he said.

Under state law, the university is obliged to notify all of the individuals whose information was stored in the database about the breach, Updegrove said. He added that notifying all 197,000 people would be a challenge because it is not clear if current contact information is available for all of them, he said.

“We don’t think it is wise for people to wait to hear from us” before asking the major credit reporting bureaus to put a fraud alert on their accounts, he said. The business school has created a Web page to help people who may have been affected by the breach.

The incident at UT-Austin continues a string of similar breaches at institutions of higher education over the past few years. UT-Austin itself was the victim of a similar incident in 2003, when a former student was found guilty of stealing Social Security numbers by breaking into one of the University’s computers.

In March, Georgetown University in Washington, D.C. disclosed that personal information belonging to more than 41,000 individuals was exposed after a server being managed by university researcher was breached by unknown hackers. The server was being used to manage information on the various services provided through the District of Columbia’s Office of Aging.

For more enterprise computing news, visit Computerworld. Story copyright Computerworld, Inc.