Thursday, November 17, 2005

Incident: Indiana University says hacker had access to records of 5,300 students

Another university-related security/privacy incident:

IU says hacker had access to records of 5,300 students

The Associated Press

BLOOMINGTON, Ind. - Personal information about nearly 5,300 Indiana University students might have been accessed by a computer hacker, school officials said.

Technicians discovered during a routine scan that three malicious software programs had been installed on a Kelley School of Business instructor's computer in mid-August, said James Anderson, the school's director of information technology.

'You're not going to find folks who are not malicious hackers who have access to these programs,' Anderson said. 'They are not something your average computer user would use. They are very cryptic and non user-friendly.'

The programs were accessed in early October, but it could not be determined whether any personal information was removed, the school said.

A letter was sent Friday to 5,278 students notifying them of the security breach. All of the students had been enrolled in an introduction to business course between 2001 and 2005.

Anderson said no misuse of personal information had been reported, but encouraged students who received the letter to take precautions, including a check of their credit report.

'We are completing an audit of all computers in the school to ensure that they are configured properly to automatically update antivirus software and system patches,' Kelley Dean Daniel Smith said."

No comments: