Students’ SSNs at PSU Hacked into with Malware

The Pennsylvania State University understandably had its server infected with malicious software, leading to a compromise of Social Security Numbers counting 1,406 that were of students admitted to Penn State Altoona, prior to 2005. The malware also appeared as establishing communication with a PC, not in the network, and so unauthorized, stated gantdaily.com dated December 31, 2012.

Just when the University came to know about the malware whose impact over the server was because of a system intrusion during September 2012 its security experts instantly took the machine offline. And though it's impossible to say definitely if the malware stole any data that was on the PC, still as per the University's rule, the institution required adopting a precautionary measure i.e. informing all those who may've befallen to the assault. The precautionary measure adopted is under the purview of the Pennsylvania Breach of Personal Information Notification Act that was implemented during 2006. Specifically, the Act makes it compulsory for the University to inform anybody whose user credentials may've got exposed at the time of a PC-hijack or a lost computer.

Currently, with regards to the malware assault, it's been 4-months-or-so the investigation is ongoing while the infected server continues to be analyzed, says Reidar Jensen, Spokesman for PSU. Centredaily.com reported this on December 31, 2012.

Jensen adds that it being a matter of the server that connected with other PCs on a network, the forensic probe involved an increasingly complicated task that was also time-consuming unlike what would have occurred in the case of a standalone computer like a laptop.

Moreover, Chief Privacy Officer Sarah Morrow of the University stated that officials didn't believe anyone accessed the SSNs. Nevertheless, those affected must continue to be cautious just incase someone tried misusing their personal identifiable information. Also, despite the theft being little possible the University still cautioned students likely affected as also told them ways for lessening their risk, Morrow emphasized. Centredaily.com reported this.

Meanwhile, in a likewise malware attack on PSU, during February 2009, a PC-virus infected an administrator's system at PSU's Office of Physical Plant which carried some 1,000 SSNs that belonged to employees.

Related article: Student Hacked School’s Site To Raise Grades

» SPAMfighter News - 1/5/2013