Custom Search

June 18, 2012

Potential data breach at the University of North Florida

From the Florida Times-Union's Jacksonville.com website:

A computer database containing information about 23,246 people who submitted contracts to live in the University of North Florida’s residence halls might have been compromised by a hacker.

School officials have locked down the affected computer server as they try to find out if any personal information was taken.

The database included names and Social Security numbers of people who submitted housing contracts between 1997 and spring 2011. The hacking could have occurred as long as a year ago, according to UNF officials.

“When we first started to suspect someone who was not authorized had gotten into the database, we immediately began investigating,” UNF spokeswoman Sharon Ashton said. “At the same time, we moved the information off that server and put it on a different server, and put additional security measures in place.”

The investigation needed a few weeks to determine which file was broken into, then how to get in touch with everyone on it to alert them to the breach, Ashton said. Now the university is sending them letters and emails about the breach.

“We don’t have any evidence that any information, or that anything, was copied from the files, but it is a possibility,” Ashton said.

So far, Ashton says, none of the people that were in the database have reported their personal information was used. The school will pay for one-year memberships in a credit-protection program for anyone impacted. It has set aside $80,000, but is prepared to pay for all 23,246 if they request it. And school officials recommend they place a fraud alert on their credit files via Equifax, (800) 525-6285; Experian, (888) 397-3742; or Trans-Union, (800) 680-7289.

In October 2010, someone gained access to personal information on almost 107,000 UNF students, potential students and employees. Other universities have been affected by hackers more recently.


The University of Nebraska identified an undergraduate student in May it says is responsible for breaking into a school database with information on more than 650,000 students, parents and employees, according to www.computerworld.com. And in January, Arizona State University shut down its web services after someone downloaded an encrypted file containing user names and passwords of an unknown number of students, faculty and staff, according to the school.

No comments:

Post a Comment