Hackers Make Off With Personal Info On Applicants At UC Davis - InformationWeek
12:13 PM
[Dark Reading Crash Course] Finding & Fixing Application Security Vulnerabilitie
Sep 14, 2017
Hear from a top applications security expert as he discusses key practices for scanning and securi ...Read More>>

Hackers Make Off With Personal Info On Applicants At UC Davis

Officials are investigating the possible theft and misuse of records containing information on about 1,120 aspiring veterinarians who'd applied to UC Davis School of Veterinary Medicine.

As if being rejected from a college wasn't bad enough, about 1,000 aspiring veterinarians were informed Wednesday by the University of California Davis that a cyber intrusion uncovered earlier in the month may have compromised name, birth-date, and, in most cases, Social Security number information submitted to the school as part of the application process.

The University of California Davis Police Department and Sacramento Valley High Tech Crimes Task Force are investigating the possible theft and misuse of records containing information on about 1,120 aspiring veterinarians who'd applied to UC Davis School of Veterinary Medicine for the school year starting this fall. Only 131 of the applicants had been accepted into the program.

Law enforcement was alerted to the intrusion on June 15, after applicants admitted into the School of Veterinary Medicine attempted to set up campus computer accounts but were notified that accounts had already been established in their names. This led law enforcement to discover that the records of 375 veterinary medical school applicants for the 2004-2005 school year -- seven of them currently studying at the school -- also might have been compromised.

School of Veterinary Medicine Dean Bennie Osburn Wednesday faced the unpleasant task of sending e-mails and letters to applicants and students whose information had been compromised. In a statement issued by the school, Obsurn offered what's become the standard response to data breaches: regret for the security breach, assurances that the school is working with law enforcement, promises of improved security, and advice to place fraud alerts on their credit-card accounts and to periodically run credit reports to ensure new financial accounts haven't been surreptitiously opened in the students' names.

"We also are recommending that the applicants who have been admitted to UC Davis immediately change their campus computer passwords and establish validation questions as safeguards for their accounts," Osburn said in a statement. "These verification questions will prevent an unauthorized party from using their identity information to make password changes for private campus computing accounts."

Even professionals who long ago traded in their books for briefcases aren't safe. Bowling Green State University is notifying current and former students of a certain accounting professor that a computer flash drive with information about them has been lost. Files on the portable storage device contained Social Security numbers for 199 students from the professor's classes in 1992, and the names, grades, and university identification numbers -- although not the Social Security numbers -- for about another 1,600 other students.

Of course UC Davis and other educational institutions are far from the only organizations dealing with the aftermath of a cyber intrusion or other data loss. Not even the Defense Department is safe from malicious hackers, who last week forced the military agency to take an estimated 1,500 computers offline. And Congress last week gave the Homeland Security Department a stern talking to over the 844 reported "cybersecurity incidents" that agency has experienced over the past two years.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll