Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


University Of Virginia Suffered A Security Setback

The university of Virginia has detected a security violation in one of its computer applications, which led to exposure of critical information belonging to the present and previous faculty members of the university.

The information that was leaked included Social Security numbers, names and dates of birth. However, no bank account, salary information or credit card information, was leaked in this assault.

The flaw was patched immediately after the discovery of the breach and a detailed inspection was done in this regard. The university police, in discussion with the FBI and the university's computing and audit experts, are carrying out this criminal examination. The investigation has exposed that on 54 individual days in-between May 20, 2005 and April 19, 2007, hackers hit into the record of 5,735 faculty members. None of the suspects has been identified.

Due to the University's old dependence on Social Security Number (SSN) as the ID number for each student and employee, the probable risk for revelation of critical information come from stolen, lost, or hacked desktop and laptops that hold ID numbers.

James Hilton, university's vice president and chief information officer in a statement published by Virginia.edu on June 8, 2007, expressed a deep regret towards the inconvenience caused due to the incident. Hilton further said, the theft had added a greater importance to the university's efforts to remove the critical information form the database such as Social Security numbers as well as other private information, which could be easily accessed from the web and later abused. He also said that the university is continuously improving its methods and practices so as to increase the security of critical information and guiding its workforce in data protection.

The University is very sensitive towards the threats posed by critical information and is working to reduce these threats. It is preparing to use a six-digit number, in place of the earlier system's use of SSN, to categorize employees.

Inspectors believe, hackers access the information in a special purpose Web application.

Hilton added, this information might not be obtained through everyday Web browsing. In fact, it needs a deliberate and sophisticated attack on the database.

Related article: University Reports Increase in Spam

ยป SPAMfighter News - 6/22/2007

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page