Hackers raid U. of Nebraska database with 654k Social Security nos.

Share this article:

Vandals gained access to a database containing the personal records, including Social Security numbers, of hundreds of thousands of University of Nebraska students, alumni and others connected to the school's four campuses.

How many victims? 654,000.

What type of personal information? Social Security numbers, addresses, grades, transcripts, and housing and financial aid information for current and former NU students (some dating back to 1985), in addition to employees, parents and student applicants who may or may not have attended NU. Also the bank account information for some 30,000 students was involved.

What happened? The breach was detected late Wednesday and announced Friday. School officials said there is no evidence that any of the information was downloaded, but that the intruder[s] behind the attack were skilled and sophisticated.

What was the response? The school already has notified the students whose bank account numbers were involved in the breach. The other victims also will be notified. The university has contracted a forensic firm to help investigate.

Details: The school is reportedly close to determining the culprit's identity.

Quote: "We're putting together a full summary of events to replicate some of the things the hacker did so we can have a better understanding of what data was accessible,” Joshua Mauk, NU's information security officer, said. “We want to know the full ramifications of what he had access to.”

Source: Omaha.com, Omaha World-Leader, "Authorities have lead on possible NU hacker," May 28, 2012.

JournalStar.com, Lincoln Journal Star, "Employees, many parents in NU database breach," May 27, 2012.

Editor's note: SCMagazine.com tried to reach the university to learn why the database was network connected, and whether the school has any policies in place regarding the use of Social Security numbers. We will update if we hear back.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

Malware on Breyer Horses website for about 18 months, payment card data ...

Malware installed on the computer server hosting the Breyer Horses website may have compromised personal information for people who made purchases between March 31, 2013 and Oct. 6.

Transcript website flaw exposed personal data on 98k users

NeedMyTranscripts.com expose users' names, addresses and dates of birth, among other information, due to a site flaw that one user discovered.

Sourcebooks payment card breach impacts more than 5,000 customers

More than 5,000 customers had personal information stolen, but roughly 9,000 notification letters were sent out as a precautionary measure.