Malware Hit Penn State Database, Expose 30K Records

According to the Penn State University officials, the Social Security numbers of nearly 30,000 people might be exposed due to malware infected computers, as reported by Nbcphiladelphia on December 29, 2009.

Detail reports about the hack reveal that the breaches occurred on the University's different college computers. In the Eberly College of Science, 7,758 records were stolen; in the College of Health and Human Development, 6,827 records hacked; and in a Penn State college outside the University Park, nearly 15,000 records were stolen.

Malware is a malicious software created to harm any PC, computer network, or sever. Such software can be a virus, worm, spyware, or any other damaging program.

The University's privacy maintaining office said that the University began notifying affected students about the breach during the 3rd week of December 2009. They had also started an investigation to determine the exact time and method of the data hacks, the office added.

Moreover, the University has been notifying students for another reason besides the need to take precaution. A 2006 Pennsylvania State Law makes it compulsory for the University to inform everyone whose 'personally identifiable details' are revealed due to compromise or loss of a computer.

Sarah Morrow, Chief Privacy Officer of Penn State, said even in cases of a remote possibility of theft, the privacy office cautioned everyone who might be affected as well as provide them information and suggestions on how to lessen the risks, as reported by Scmagazineus on December 29, 2009. Morrow further said that a brochure was being enclosed describing the methodology for stopping ID thefts.

The Penn State University suffered another privacy breach earlier in December 2009. At that time, Dickinson School of Law, based in Carlisle (Pennsylvania, USA), had one of its computers attacked. Consequently, the SSNs of 261 students got exposed from that computer, which held the data.

Further, security breaches have occurred in other US universities too like the Eastern Illinois University, which recently suffered one due to the virus Virut's infection on its computer during the 1st week of December 2009.

Related article: Malware Authors Turn More Insidious

» SPAMfighter News - 1/6/2010