22,000 Social Security Numbers Compromised at University of Missouri
Officials at the University of Missouri have acknowledged a second electronic attack this year that has compromised 22,000 social security numbers of students and alumni. Currently the FBI is investigating this incident.
News reports (http://www.msnbc.msn.com/id/18561756/) indicate the information was accessed by manipulating a web page that allowed users to query an internal software application to compile reports for help desk issues. The attack originated with IP addresses originating from China and Australia.
Educational institutions should be more proactive in protecting personal information. Due to their open academic culture, educational institutions are prime targets for social engineering and technical attacks by persons with intent on stealing personal information such as social security numbers. Perhaps educational institutions would do well to reconsider their business practices, operational procedures, and technical measures around the use and protection of personal information.
Official Statement from University of Missouri
http://www.umsystem.edu/ums/news/releases/news07050801.shtml
University of Missouri - Division of Information Technology / Computer Security
http://doit.missouri.edu/computersecurity/
Comments