Malware Infects IPFW Computer System

The Indiana University-Purdue University Fort Wayne (IPFW) is notifying around 32 people that their Social Security numbers were there on a machine laden with malware embedded by an unidentified hacker. Almost everybody hit seems to be either present or former international student.

The malevolent code or malware probably was inserted via a message attachment in August 2007 but wasn't discovered until October 2007 in the course of a regular inspection, told the Director and Chief Information Officer of IT services at IPFW, Robert Kostrubanic, according to Journalgazette on November 17, 2007.

The malicious software was planned to illegally hack into or harm a computing system. Classified data, such as Individual Taxpayer Identification numbers and Social Security numbers, may have been present amongst the compromised data, as the exact university department that held the infected computer could not be determined, maintained the university functionaries.

The workstation (computer) was detached from the computer system and the program incapacitated, informed the university, also asserting there was no proof that the stolen data had been utilized for criminal use.

According to university guidelines, Social Security numbers are not utilized anymore except where compulsory. Details about present students, former students, staff members, and the rest, whose files are maintained for business purpose, are allotted a Purdue ID.

Besides, universities and colleges are also one of the most insecure, especially in cases of security violations resulting from identity theft, maintains the not-for-profit consumer rights organization, Privacy Rights Clearinghouse.

Journalgazette published news on November 17, 2007 informing that the Chief Information Officer at Purdue's Office of Information Technology, Scott Ksander, stated that for years, the conventional method of storing Social Security numbers was by collecting and keep them filed.

Growing reliance on PCs for storing all sorts of records and the existence of hackers hell bent on detecting methods of stealing information has caused an aggressive shift from past methods in an attempt to protect files and IDs, alleged Scott.

In order to avoid new risks, the faculty and staff of the university have been ordered to load the newest security software and to allow automatic upgradation of security facilities. The security program contains extended accessibility of anti-spyware program and stringent training for university systems administrators.

Related article: Malware Authors Turn More Insidious

» SPAMfighter News - 12/1/2007