Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

isn logo Information Security News mailing list archives

University warns of possible hacking
From: InfoSec News <isn () c4i org>
Date: Mon, 23 Jan 2006 01:20:54 -0600 (CST)
http://www.kansan.com/stories/2006/jan/20/hack/

By Rachel Parker
January 20, 2006

Students who applied via the online application put out by the 
Department of Student Housing were alerted through either an e-mail or 
a letter that their private information might have been exposed.

According to a University Relations news release, a computer file with 
names, addresses, birth dates, phone numbers, social security numbers 
and credit card numbers was found accessible to the public on Dec. 16. 
The lack of security affected students who applied and paid an 
application fee online between April 29, 2001, and Dec. 16, 2005.

Becky Derdoski, Minnesota junior, applied online for residency in the 
2003-2004 school year.

"That information was given years ago; I didn't think I had to worry 
about it," she said.

Derdoski remembered a similar incident in which her personal 
information was at risk of exposure. The Watkins Memorial Health 
Center pharmacy sent out an e-mail to warn her about it her freshman 
year.

The housing department shut down its housing application Web site 
after the routine computer check showed that security measures were 
not working correctly.

Todd Cohen, University Relations Associate Director for news and 
public issues, said an incident like this had never happened before at 
the University.

"It is something that happens a lot at universities, unfortunately. We 
want to make sure we take care of every precaution, and make everyone 
fully aware," Cohen said.

While no evidence pertaining to unlawful use of student information 
has been discovered, the threat to students is still prevalent. The 
notification sent out to possibly affected students advised them to 
place fraud alert through www.ku.edu/identity or to call the housing 
department with any questions.

Out of about 9,200 online applicants in the past few years, only 
students that gave contact information were notified. Not all affected 
students still attend the University.

Since Jan. 18, 154 phone calls and 52 e-mails have been placed in 
response to the incident, according to the Department of Student 
Housing records.

The Web site has been shut down and applications are now being taken 
manually until a new, secure site is up and working.

- Edited by Jodi Ann Holopirek



_________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org

  By Date           By Thread  

Current thread:
  • University warns of possible hacking InfoSec News (Jan 22)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]