Saturday, May 19, 2007
Hackers steal 22,000 Social Security numbers from University of Missouri database
Hackers steal 22,000 Social Security numbers from University of Missouri database
Dan Kaplan May 9 2007 17:05
The University of Missouri is the latest university to fall victim to cybercrime, after hackers breached a database and lifted more than 20,000 Social Security numbers (SSNs).
The attackers, using IP addresses from China and Australia, stole 22,396 SSNs associated with anyone who worked in the university's system in 2004 who were also current or former students.
The university has campuses in Columbia, Kansas City, Rolla and St. Louis.
The school's IT security personnel on Thursday first noticed suspicious activity on a computer help-desk application, and by Friday morning they identified a large series of query errors being made to that application and its associated database, according to a university statement.
Soon after, technicians disabled the account used by the two malicious IP addresses, but by then hackers had already made off with the sensitive data. They retrieved the information "through a webpage used to make queries about the status of trouble reports" to the IT help desk on the Columbia campus, according to the university statement.
"The hacker was able to reach the information by making thousands of queries over a span of hours, allowing the identities to be exposed one at a time," according to the statement.
School spokesman Scott Charton told SCMagazine.com today that the intruders accessed the data in a report that "probably should have been expunged but was not." It did not, however, contain any financial information, and there is no evidence that any of the data has been misused.
The university has already answered 1,800 calls and 400 emails from victims, and it plans to send out 13,000 notification letters via regular mail today, Charton said.
Ironically, SC Magazine recently spoke with Becky Thurmond Fowler, systems security analyst of IT at the University of Missouri in Columbia, for a story about the SANS Institute’s new push to educate application developers on security.
Fowler coordinates a college initiative called SafeWeb, which seeks to raise campus awareness about the need to implement security in applications.
Reached today, she deferred questions about the hacking incident to Charton.
David Larson, director of product management at Maynard, Mass.-based data security firm Tizor Systems, told SCMagazine.com today that universities should deploy software that monitors back-end databases in real time.
"You're like a bank," he said. "You should view your data like a vault. And there is no vault that doesn't have cameras in it."
This is the latest in a series of computer intrusions affecting major universities. Ohio State, University of California, Los Angeles, and Texas A&M have lost hundreds of thousands of records to hackers in recent months.
Experts have said colleges are frequent targets of hackers because some schools employ sub-par security, while other industry professionals think cybercrooks prefer stealing identity information about students, who likely have better credit than older Americans.
Dan Kaplan May 9 2007 17:05
The University of Missouri is the latest university to fall victim to cybercrime, after hackers breached a database and lifted more than 20,000 Social Security numbers (SSNs).
The attackers, using IP addresses from China and Australia, stole 22,396 SSNs associated with anyone who worked in the university's system in 2004 who were also current or former students.
The university has campuses in Columbia, Kansas City, Rolla and St. Louis.
The school's IT security personnel on Thursday first noticed suspicious activity on a computer help-desk application, and by Friday morning they identified a large series of query errors being made to that application and its associated database, according to a university statement.
Soon after, technicians disabled the account used by the two malicious IP addresses, but by then hackers had already made off with the sensitive data. They retrieved the information "through a webpage used to make queries about the status of trouble reports" to the IT help desk on the Columbia campus, according to the university statement.
"The hacker was able to reach the information by making thousands of queries over a span of hours, allowing the identities to be exposed one at a time," according to the statement.
School spokesman Scott Charton told SCMagazine.com today that the intruders accessed the data in a report that "probably should have been expunged but was not." It did not, however, contain any financial information, and there is no evidence that any of the data has been misused.
The university has already answered 1,800 calls and 400 emails from victims, and it plans to send out 13,000 notification letters via regular mail today, Charton said.
Ironically, SC Magazine recently spoke with Becky Thurmond Fowler, systems security analyst of IT at the University of Missouri in Columbia, for a story about the SANS Institute’s new push to educate application developers on security.
Fowler coordinates a college initiative called SafeWeb, which seeks to raise campus awareness about the need to implement security in applications.
Reached today, she deferred questions about the hacking incident to Charton.
David Larson, director of product management at Maynard, Mass.-based data security firm Tizor Systems, told SCMagazine.com today that universities should deploy software that monitors back-end databases in real time.
"You're like a bank," he said. "You should view your data like a vault. And there is no vault that doesn't have cameras in it."
This is the latest in a series of computer intrusions affecting major universities. Ohio State, University of California, Los Angeles, and Texas A&M have lost hundreds of thousands of records to hackers in recent months.
Experts have said colleges are frequent targets of hackers because some schools employ sub-par security, while other industry professionals think cybercrooks prefer stealing identity information about students, who likely have better credit than older Americans.
Labels: Univ. of Missouri
Thursday, May 10, 2007
One-at-a-time hacker grabs 22,000 IDs from Univ. of Missouri
One-at-a-time hacker grabs 22,000 IDs from Univ. of Missouri
Gregg Keizer
May 09, 2007 (Computerworld) A hacker grabbed the Social Security numbers of more than 22,300 current and former students at the University of Missouri, the school said yesterday. It was the institution's second data break-in of the year.
According to university officials, the attack was launched from IP addresses in China and Australia and used a Web form for tracking the status of queries to the school's IT help desk. The hacker accessed the names and Social Security numbers of school employees during 2004 who were also current or onetime students; those records had been compiled for a report, but were overlooked rather than deleted.
IT staffers noticed unusual activity that began around 5:30 a.m. CDT last Thursday, then tied a large number of database query errors to the problem on Friday. Logs showed that the attacks ended at 9:34 a.m. Friday. That day, technicians disabled the account used to access the database from one IP address in Chinaand another in Australia. The FBI was alerted on Monday.
"The hacker was able to reach the information by making thousands of queries over a span of hours, allowing the identities to be exposed one at a time," the university reported.
A Web page and toll-free telephone line have been set up to take questions from students, the school said. Officials are also contacting as many of the affected people as possible.
Yesterday, the toll-free line was overwhelmed, a school spokeswoman said today, and some callers heard a recording that said the desk was closed. That problem has been solved by boosting the number of staffers answering the phones. Computerworld confirmed that the hot line was working today, with wait times of approximately three minutes.
This is the second incident at the University of Missouri in recent months. In February, the school acknowledged that a server attack in January might have exposed the identities of 1,220 researchers on its four campuses. The spokeswoman declined to comment on whether there could be any connection between the two events.
In its message to potential identity theft victims, the university said that it "takes this matter very seriously" and noted that it wasn't the only organization to be attacked. "All companies or organizations using the Internet to serve their customers face this challenge." Last year, reported the Columbia Missourian, then-university President Elson Floyd ordered that employee Social Security numbers information be deleted from online databases.
Universities are a frequent target of identity thieves, according to the data breach chronology compiled by the Privacy Rights Clearinghouse. Since Jan. 1, 27 colleges or universities have been victimized by attackers. The list includes well-known institutions such as the University of Notre Dame, Ohio State University, Purdue University and Rutgers. Several, in fact, have been hit multiple times: Notre Dame, the University of Idaho and the University of New Mexico each suffered two attacks in the first four months of 2007.
Gregg Keizer
May 09, 2007 (Computerworld) A hacker grabbed the Social Security numbers of more than 22,300 current and former students at the University of Missouri, the school said yesterday. It was the institution's second data break-in of the year.
According to university officials, the attack was launched from IP addresses in China and Australia and used a Web form for tracking the status of queries to the school's IT help desk. The hacker accessed the names and Social Security numbers of school employees during 2004 who were also current or onetime students; those records had been compiled for a report, but were overlooked rather than deleted.
IT staffers noticed unusual activity that began around 5:30 a.m. CDT last Thursday, then tied a large number of database query errors to the problem on Friday. Logs showed that the attacks ended at 9:34 a.m. Friday. That day, technicians disabled the account used to access the database from one IP address in Chinaand another in Australia. The FBI was alerted on Monday.
"The hacker was able to reach the information by making thousands of queries over a span of hours, allowing the identities to be exposed one at a time," the university reported.
A Web page and toll-free telephone line have been set up to take questions from students, the school said. Officials are also contacting as many of the affected people as possible.
Yesterday, the toll-free line was overwhelmed, a school spokeswoman said today, and some callers heard a recording that said the desk was closed. That problem has been solved by boosting the number of staffers answering the phones. Computerworld confirmed that the hot line was working today, with wait times of approximately three minutes.
This is the second incident at the University of Missouri in recent months. In February, the school acknowledged that a server attack in January might have exposed the identities of 1,220 researchers on its four campuses. The spokeswoman declined to comment on whether there could be any connection between the two events.
In its message to potential identity theft victims, the university said that it "takes this matter very seriously" and noted that it wasn't the only organization to be attacked. "All companies or organizations using the Internet to serve their customers face this challenge." Last year, reported the Columbia Missourian, then-university President Elson Floyd ordered that employee Social Security numbers information be deleted from online databases.
Universities are a frequent target of identity thieves, according to the data breach chronology compiled by the Privacy Rights Clearinghouse. Since Jan. 1, 27 colleges or universities have been victimized by attackers. The list includes well-known institutions such as the University of Notre Dame, Ohio State University, Purdue University and Rutgers. Several, in fact, have been hit multiple times: Notre Dame, the University of Idaho and the University of New Mexico each suffered two attacks in the first four months of 2007.
Labels: Univ. of Missouri
