Friday, March 25, 2005

Incident: NWU's Kellog School of Management systems hacked

Another one for the incident file (Summaries of incidents cataloged on PIPEDA and Canadian Privacy Law). The Kellog School of Management is reporting that their computer systems have been hacked. All that is suspected to have been lost are userids and passwords, but other personal information may have been compromised. From WBBM 780:

WBBM780:

" - EVANSTON, IL -- Computer hackers apparently went to work at Northwestern University's Kellogg School of Management. WBBM's Bob Conway reports...

A security breach has been detected in the computer server system at Northwestern University's Kellogg School of Management.

...

Thus far, no one at Kellogg has reported any unauthorized use of their information.

When the server problem was discovered on March 20, the affected systems were immediately taken off-line and rebuilt. On Wednesday, Kellogg Information Systems determined that Kellogg user IDs and passwords, which provide access to various information sources on the Northwestern system, were potentially obtained by the hackers.

While the university said it has no evidence that personal identification was accessed, Northwestern has taken the precautionary measure of disabling all passwords and user IDs for Kellogg School faculty and staff (approximately 500) and students (approximately 3,000) affected. Kellogg Information Systems is also working to create new passwords for approximately 18,000 of the school's alumni whose passwords were also potentially obtained.

An investigation is ongoing and it appears that the servers were not targeted to obtain personal information. Stay tuned to WBBM Newsradio 780 for the latest developments "

No comments: