Hacker accesses sensitive University of Hawaii server

A cybercriminal recently gained access to a University of Hawaii at Manoa (UH-Manoa) parking office computer server that contained the personal information of tens of thousands of individuals.

How many victims? 53,000.

What type of personal information? Names, Social Security numbers, addresses, driver's license numbers, vehicle information and credit card information

Details: A server used by the UH-Manoa parking office was accessed on May 30, though school officials are unsure how the cybercriminal gained entry. The hacker left behind a virus on the server. The breach was discovered during a routine audit on June 15.

There were 40,870 Social Security numbers and 200 credit card numbers on the server. Those affected include UH-Manoa faculty and staff members employed in 1998, along with anyone who did business with the parking office between Jan. 1, 1998, and June 30, 2009.

Students who paid for parking passes using a credit card were not affected.

Quote: "There is no indication that any information was misused, downloaded or viewed by the hacker,” said Gregg Takayama, a university spokesman.

What was the response? Social Security numbers, which are no longer used for parking transactions, are being removed from all parking databases. The university is strengthening its internal automated network monitoring practices and performing evaluations of systems to identify other potential security risks.

Affected individuals have been notified by mail and email. The matter was turned over to Honolulu police, the FBI and UH-Manoa's forensic investigator.

Source: Staradvertiser.com, Honolulu Star Advertiser, “UH breach affects 53,000,” July 7, 2010.