Computerworld
Home News Blogs ReviewsWhite Papers Newsletters IT Careers

resource center


Ads by TechWords

See your link here

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
 

Print edition

Ohio University reports two separate security breaches

One incident may have compromised the Social Security numbers of 137,000 alumni

By Jaikumar Vijayan
May 3, 2006 12:00 PM ET
Recommended
(0)
Digg
Share/Email

Computerworld - Ohio University this week disclosed two separate but apparently unrelated incidents of data theft involving its computers.

On April 24, IT officials at the university noticed that someone had hacked into an alumni database server containing personal and biographical information for more than 300,000 individuals and organizations, said Bill Sams, the Athens-based university’s CIO. Faculty and staff members hired by the school before January 2004 were also affected.

The compromised files did not include credit card or bank information, but they did include Social Security numbers for 137,800 individuals, Sams said.

The breach was discovered after IT officials noticed the affected server was being used to launch a denial-of-service attack against an external target, Sams said.

“We immediately took it off-line and got into the logs. We discovered that it had been compromised as far back as 2005,” he said. In the 13 months since the server was breached, “we have found that people have accessed it from both domestic and international IP addresses,” he said.

The compromised server was supposed to have been decommissioned more than a year ago, and IT officials assumed the system had been taken off-line, Sams said. As a result, it had not received any security updates and patches for more than a year. He did not disclose how the server was breached or what operating system was running on it.

The second data compromise involved a server at the Technology Transfer Department, which is part of the University’s Innovation Center. FBI officials told the university about that breach on April 21. The server, which contained patent data and intellectual property files, was apparently involved in another incident that the FBI was investigating, Sams said, without providing further details. The university had no idea that the server had been broken into until the FBI pointed it out, he said.

The FBI is currently investigating both incidents, he said.

Ohio University today started sending out e-mails to those affected by the hack of the alumni database server. “We are sending them at the rate of 10,000 an hour,” Sams said. He added that the University has also set up a Web site providing details about the incident and instructing affected individuals on the steps they can take to mitigate the risk of ID theft.



Recommend Digg Twitter ShareThis
Email Print Send Feedback Reprints

Additional Resources

Xerox
Win a color printer!
By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!
Microsoft
Upgrade to Internet Explorer 8 today.
Save time and mitigate security risk. Deploy it now.
Sybase
NEXT-GENERATION MOBILITY PLATFORMS
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

White Papers & Webcasts

MarketVibe: Communications and Collaboration Needs at Business Organizations
In April 2009, IT and business leaders were invited to participate in a survey on business communications and collaboration solutions. The goal of...  

How to Reduce Eclipse BIRT Development Effort for Data Visualizations
Web applications can come with a long list of visualization requirements for structured data. By delivering your output through the BIRT Interactive Viewer,...

The Value of Network and Application Visibility by Aberdeen
This survey-based paper analyzes best practices for improving application visibility and analysis. This paper can help serve as a guideline for organizations looking...  

Legacy IT Modernization - Practical Reality
(Source: BluePhoenix) Corporate budgets continue to tighten. Organizations are looking at ways to reduce operating costs and eliminate unnecessary expenses while at the...

The CIO's New Guide to Design of Global IT Infrastructure
Is it possible to eliminate the impact of distance? This paper explores the 5 key principles successful CIOs are using to redesign IT...  

Interactive Guide: Getting Started with Data Governance
In this online interactive guide, Andrew White, Research VP with lead analyst firm Gartner, answers these questions to help get you on the...

2007 Gartner Magic Quadrant Report
Riverbed positioned in Leaders Quadrant of Gartner Magic Quadrant for WAN Optimization Controllers. Analyzing strengths vs. cautions, Gartner helps organizations looking to acquire...  

Why Now is the Right Time for the Linux Desktop
(Source: Novell) Faced with tighter budgets, enterprises are rethinking their desktop strategies to deliver the same - if not better - services and...

Five Steps to Successful IT Consolidation
Has your Enterprise made the strategic decision to consolidate remote site IT infrastructure into central data centers? Then you have probably discovered that...  

Agile Enterprise Content Management (ECM) for Rapid ROI
(Source: IBM) Content rich business processes are a core feature of daily operations at just about any organization today. Very often these essential...

All White Papers | All Webcasts

Computerworld Reports

Computerworld Technology Briefing: Intelligent Users Use Business Intelligence

An Interactive eBook: Enterprise Security

The Business Case for Server Virtualization

All Computerworld Reports
 

SAS Information Management Kit

SAS is the leader in business intelligence and analytical software and services. Only SAS offers leading data integration, storage, analytics and business intelligence applications within a comprehensive enterprise intelligence platform. SAS gives 97 of the top 100 companies in the 2007 Fortune 500 THE POWER TO KNOW®.
Webcast: The Information Management Roadmap
Imagine high-quality data, cleansed, analyzed and delivered throughout your organization. Join Computerworld, IT visionary Thornton May and a panel of experts to learn how SAS® can help you make it happen.

View this webcast 
Research Report: Information Management Initiatives at Midsize and Large Organizations
See the top-line results of this Computerworld sponsored survey to see how IT and business leaders are handling information management implementation.

Download this report 
White Paper: Information Management: Better Information for Winning Decisions.
This white paper explains how the SAS Information Evolution Model aids companies in assessing how they use this information to make strategic decisions and drive business.

Download this white paper 
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.