August 19, 2011

Hackers break into sensitive Purdue University server

A computer server containing the personal information of thousands of former Purdue University students was accessed by hackers.

How many victims? 7,093.

What type of personal information? Social Security numbers.

What happened? Hackers on April 5, 2010 broke into a university server containing course records from 2000 through the summer session of 2005. 

Details: School officials said there is no evidence that the sensitive information was accessed. Instead, they believe the hackers aimed to use the infected computer system to attack other servers.

Quote: “Through our investigation, we found no evidence that the unauthorized user attempted to find or read any files with personal information in our system, but felt informing people who may have been affected was a necessary precaution," Laszlo Lempert, head of the Department of Mathematics, said in a statement. "We regret the breach occurred, and we've taken extensive measures to prevent this from happening again."

What was the response?  The school on Monday mailed notification letters to affected individuals. Though the breach occurred over a year ago, it took school officials until June to sort through the information on the server and identify the extent of the breach. The Indiana Attorney General's office has been notified.

Source: jconline.com, Journal and Courier, “Purdue warns ex-students of data breach,” Aug. 17, 2011.

Previous Post
Next Post
Related Articles
Related Topics
Related Links
close

Next Article in The Data Breach Blog

Advertisement

How to Prevent Insider Threats!

POLL

More in The Data Breach Blog

Hackers raid Washington state court system to steal 160,000 SSNs, 1M driver's license numbers

Hackers raid Washington state court system to steal ...

After the public website of the Washington state Administrative Office of the Courts was compromised in February, an investigation revealed the severity of the breach in April.

Personal California birth records found in "unsecure" location

The California Department of Public Health announced that the data included names, addresses, Social Security numbers, and medical information.

Investment regulator loses portable device containing personal data

Although the specifics of the lost information is unknown, the Investment Industry Regulatory Organization of Canada has announced that 52,000 clients of 32 brokerage firms have been affected.