University Of Virginia Suffered A Security Setback
The university of Virginia has detected a security violation in one of its computer applications, which led to exposure of critical information belonging to the present and previous faculty members of the university.
The information that was leaked included Social Security numbers, names and dates of birth. However, no bank account, salary information or credit card information, was leaked in this assault.
The flaw was patched immediately after the discovery of the breach and a detailed inspection was done in this regard. The university police, in discussion with the FBI and the university's computing and audit experts, are carrying out this criminal examination. The investigation has exposed that on 54 individual days in-between May 20, 2005 and April 19, 2007, hackers hit into the record of 5,735 faculty members. None of the suspects has been identified.
James Hilton, university's vice president and chief information officer in a statement published by Virginia.edu on June 8, 2007, expressed a deep regret towards the inconvenience caused due to the incident. Hilton further said, the theft had added a greater importance to the university's efforts to remove the critical information form the database such as Social Security numbers as well as other private information, which could be easily accessed from the web and later abused. He also said that the university is continuously improving its methods and practices so as to increase the security of critical information and guiding its workforce in data protection.
Inspectors believe, hackers access the information in a special purpose Web application.
Hilton added, this information might not be obtained through everyday Web browsing. In fact, it needs a deliberate and sophisticated attack on the database.
Related article: University Reports Increase in Spam
» SPAMfighter News - 22-06-2007