Two Universities Hit By Security Breaches - InformationWeek
05:29 PM

Two Universities Hit By Security Breaches

The University of Virginia and the University of Iowa are both reporting that they have suffered breaches that compromised faculty or student information.

Two universities suffered security breaches that compromised the security of sensitive personal information on students and faculty.

Both the University of Iowa and the University of Virginia announced last Friday that they have been sending out notifications about the breaches.

The University of Virginia said its investigation has shown that on 54 separate days between May 20, 2005, and April 19, 2007, a hacker broke into the network and accessed the records of 5,735 faculty members. The school called in the FBI to work on the case alongside the university police and its IT workers.

"We sincerely regret the distress this causes to our colleagues," said James Hilton, the university's VP and CIO, in a written statement. "This theft adds greater urgency to our ongoing effort to remove from databases Social Security numbers and other personal information that could be accessed through the Internet and later potentially abused. The university is continually modifying its systems and practices to enhance the security of sensitive information and training its employees in data protection."

The school pointed out in an online release that information on students and non-faculty staff members wasn't compromised.

Those who were affected include anyone who taught or had any faculty designation from approximately 1990 to August 2003. Of those whose records were accessed, about 2,100 are currently employed at the university.

The faculty information that was accessed included dates of birth and Social Security numbers. People looking for more information can go to this Web site.

The University of Iowa breach affected about 1,000 students and applicants to the school's Molecular and Cellular Biology graduate program, along with about 100 faculty members associated with the program, according to an online release.

A staff member in the graduate program discovered the security breach on May 19. Social Security numbers of faculty, students, and prospective students were stored on a Web-based database program that was compromised. The university did not say when the security breach occurred.

"We are deeply concerned that this happened," said John Keller, an associate provost and dean, in a written statement. "We apologize, and we want our faculty, students, and prospective students to know that we are working expeditiously to correct this problem. We have notified the appropriate UI and law enforcement officials, and we are evaluating our systems to identify additional ways to protect our Web sites."

The University of Iowa created this Web site for anyone wanting more information.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of November 6, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll