Hacker compromises data at George Mason University

Computerworld - The names, photos and Social Security numbers of more than 32,000 students and staff at George Mason University in Fairfax, Va., have been compromised as the result of a hacker attack against the university's main ID server.
The attack was discovered during a routine review of system files and prompted the school to disconnect the compromised server from the network, according to an e-mail sent to members of the university community yesterday by Joy Hughes, the school's vice president for information technology.
"It appears that the hackers were looking for access to other campus systems rather than specific data," Hughes wrote in her e-mail. "However, it is possible that the data on the server could be used for identity theft."
Law enforcement authorities and school officials are now investigating the incident, which was discovered last week but may have occurred as far back as November.
The affected server contained information on "all members of the Mason community who have identification cards," Hughes said in her message. The intruders also installed tools on the ID server that allowed other campus servers to be probed. Hughes, however, offered no details about the other GMU systems that may have been probed.
"There is no evidence that any of the data available on the Mason ID server has yet been used illegally," she wrote, while urging students and staff to contact the three major credit bureaus and place fraud alerts on their credit files.
The university is the largest state college in Virginia, with more than 28,000 enrolled students and over 4,000 employees, according to the GMU Web site.
Daniel Walsch, director of GMU's media center, said the break-in was discovered on Jan. 2. Preliminary indications are that hackers may have broken into the system as far back as late November, Walsch said.
"We felt that everything was secure and that we had safeguarded against something like this," he said, noting that the university is looking to see what other systems were also broken into. "There were some hints that [the hackers] were trying to open some other doors. We are not sure if anything else was compromised."
The incident is a black eye for an institution that is one of a few select universities to be designated as Centers of Academic Excellence in Information Assurance Education by the National Security Agency. Students at the university's Information Assurance Scholarship Program are placed in Defense Department jobs upon completion of the program, according to the school's Web site.
"What concerns me is that they promotethemselves as being big in the infosec world," with some of the best resources and staff in the academic world, said one part-time student who asked not to be identified.
"In the 'Do as I say, not as I do' department, GMU has a Center for Secure Information Systems, [which is] both a research and teaching outfit," said another university source who also asked not to be named. "CSIS has numerous cooperative agreements with local defense and government contractors," which makes the break-in more significant, he said.