University of North Florida breach exposes data on 107,000 individuals
University networks are said to be frequently breached because they are rich targets, enrolling thousands of students a year
Computerworld - The University of North Florida has notified about 107,000 current and prospective students of the compromise of their personal information after a server containing the data was recently discovered to have been breached by unknown intruders.
Nearly 53,000 of those affected had their names and Social Security numbers compromised, while the rest had their names and dates of birth exposed in the incident.
Joanna Norris, associate director of public relations at the university, said on Friday that all of those whose data was exposed had been notified via e-mail and postal mail.
A statement released on Friday by the university noted that the intruders do not appear to have accessed student academic records or financial aid information.
However, in some cases, those behind the intrusion may have had access to ACT and SAT test scores, a separate university alert added.
The intrusion, which occurred between Sept. 24 and Sept. 29, was carried out by someone using a computer that appears to have been based outside the U.S., Norris said.
The breached computer has been secured and controls have been added to mitigate the chances of something similar happening again, Norris said.
Norris said the intrusion was discovered by university IT staff on Sept. 29 during a routine system review. She did not say what system was involved in the breach, citing the ongoing investigation, which includes the FBI.
Privacy Rights Clearinghouse, which has been maintaining a chronology of data breaches since 2005, lists nearly four dozen similar breaches at universities so far this year.
Since the beginning of 2009, there have been a total of 128 breaches at U.S academic institutions, resulting in the compromise of close to 1.7 million records, the group says.
Josh Shaul, vice president of product management at security vendor Application Security, said that higher educational institutions were hit on a regular basis because of a combination of reasons. For one, university networks are far more open and accessible by design compared with corporate environments. And schools' IT environments are also decentralized and often have multiple, independent IT groups functioning within it.
University networks are also rich targets, with schools enrolling thousands of new students every year and having many employees with access to personally identifiable information.
Cybercriminals are targeting university environments with increasing frequency "because it seems to be an easy way for them to steal data," Shaul said. "A lot of universities are bringing in security after they have been breached."
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is email@example.com.
- University of North Florida breach exposes data on 107,000 individuals
- Zeus Trojan bust reveals sophisticated 'money mules' operation in U.S.
- GAO slams White House for failing to lead on cybersecurity
- Man charged with attack on Web site of Fox News' Bill O'Reilly
- Heartland breach expenses pegged at $140M -- so far
- IT contractor gets five years for $2M credit union theft
- Democracy would suffer if Google left China, says MIT panel
- Gonzalez accomplice gets five years for hacking TJX
- Threat of cyberattacks from overseas high, federal IT execs say
- Botnets 'the Swiss Army knife of attack tools'
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Gartner 2013 Magic Quadrant for Enterprise Backup/Recovery Software See why CommVault was positioned as the #1 leader in Gartner's 2013 Magic Quadrant for Enterprise Backup/Recovery software for the 3rd year in...
- Forrester Report: CommVault is a Leader in Enterprise Backup and Recovery In this report, Forrester takes a deep dive into the evaluation criteria, how CommVault is positioned and the features and functionality that make...
- Forrester Wave for Enterprise Backup and Recovery Read this report to see how CommVault continues to outpace its competitors and why Forrester positioned CommVault Simpana as the top backup and...
- Four Myths of High-Productivity App Dev Debunked Debunk the main myths surrounding high-productivity application development and how both platforms have overcome them.
On-Demand Webcast: 7 Reasons to Choose VoIP
Thinking about a new phone system for your business?
Be sure to watch this informative webcast. Steve Strauss, small business columnist for USA...
All Cybercrime and Hacking White Papers |