Hacker compromises data at George Mason University
Private information on 32,000 students and staff was compromised
Computerworld - The names, photos and Social Security numbers of more than 32,000 students and staff at George Mason University in Fairfax, Va., have been compromised as the result of a hacker attack against the university's main ID server.
The attack was discovered during a routine review of system files and prompted the school to disconnect the compromised server from the network, according to an e-mail sent to members of the university community yesterday by Joy Hughes, the school's vice president for information technology.
"It appears that the hackers were looking for access to other campus systems rather than specific data," Hughes wrote in her e-mail. "However, it is possible that the data on the server could be used for identity theft."
Law enforcement authorities and school officials are now investigating the incident, which was discovered last week but may have occurred as far back as November.
The affected server contained information on "all members of the Mason community who have identification cards," Hughes said in her message. The intruders also installed tools on the ID server that allowed other campus servers to be probed. Hughes, however, offered no details about the other GMU systems that may have been probed.
"There is no evidence that any of the data available on the Mason ID server has yet been used illegally," she wrote, while urging students and staff to contact the three major credit bureaus and place fraud alerts on their credit files.
The university is the largest state college in Virginia, with more than 28,000 enrolled students and over 4,000 employees, according to the GMU Web site.
Daniel Walsch, director of GMU's media center, said the break-in was discovered on Jan. 2. Preliminary indications are that hackers may have broken into the system as far back as late November, Walsch said.
"We felt that everything was secure and that we had safeguarded against something like this," he said, noting that the university is looking to see what other systems were also broken into. "There were some hints that [the hackers] were trying to open some other doors. We are not sure if anything else was compromised."
The incident is a black eye for an institution that is one of a few select universities to be designated as Centers of Academic Excellence in Information Assurance Education by the National Security Agency. Students at the university's Information Assurance Scholarship Program are placed in Defense Department jobs upon completion of the program, according to the school's Web site.
"What concerns me is that they promote themselves as being big in the infosec world," with someof the best resources and staff in the academic world, said one part-time student who asked not to be identified.
"In the 'Do as I say, not as I do' department, GMU has a Center for Secure Information Systems, [which is] both a research and teaching outfit," said another university source who also asked not to be named. "CSIS has numerous cooperative agreements with local defense and government contractors," which makes the break-in more significant, he said.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.