News
News
6/11/2007
05:29 PM
Connect Directly
RSS
E-Mail
50%
50%

Two Universities Hit By Security Breaches

The University of Virginia and the University of Iowa are both reporting that they have suffered breaches that compromised faculty or student information.

Two universities suffered security breaches that compromised the security of sensitive personal information on students and faculty.

Both the University of Iowa and the University of Virginia announced last Friday that they have been sending out notifications about the breaches.

The University of Virginia said its investigation has shown that on 54 separate days between May 20, 2005, and April 19, 2007, a hacker broke into the network and accessed the records of 5,735 faculty members. The school called in the FBI to work on the case alongside the university police and its IT workers.

"We sincerely regret the distress this causes to our colleagues," said James Hilton, the university's VP and CIO, in a written statement. "This theft adds greater urgency to our ongoing effort to remove from databases Social Security numbers and other personal information that could be accessed through the Internet and later potentially abused. The university is continually modifying its systems and practices to enhance the security of sensitive information and training its employees in data protection."

The school pointed out in an online release that information on students and non-faculty staff members wasn't compromised.

Those who were affected include anyone who taught or had any faculty designation from approximately 1990 to August 2003. Of those whose records were accessed, about 2,100 are currently employed at the university.

The faculty information that was accessed included dates of birth and Social Security numbers. People looking for more information can go to this Web site.

The University of Iowa breach affected about 1,000 students and applicants to the school's Molecular and Cellular Biology graduate program, along with about 100 faculty members associated with the program, according to an online release.

A staff member in the graduate program discovered the security breach on May 19. Social Security numbers of faculty, students, and prospective students were stored on a Web-based database program that was compromised. The university did not say when the security breach occurred.

"We are deeply concerned that this happened," said John Keller, an associate provost and dean, in a written statement. "We apologize, and we want our faculty, students, and prospective students to know that we are working expeditiously to correct this problem. We have notified the appropriate UI and law enforcement officials, and we are evaluating our systems to identify additional ways to protect our Web sites."

The University of Iowa created this Web site for anyone wanting more information.

Comment  | 
Print  | 
More Insights
IT's Reputation: What the Data Says
IT's Reputation: What the Data Says
InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Must Reads Oct. 21, 2014
InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and community news at InformationWeek.com.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.