University of Georgia latest target of data breach

Share this article:

The University of Georgia (UGA) is investigating a data breach that may have led to compromised information of current and former school employees – marking the school's second breach in just over a year.

How many victims? About 8,500.

What type of personal information? Full names and Social Security numbers, along with additional sensitive data.

What happened? According to a UGA official announcement Friday, the passwords of two UGA employees that worked in the IT department and had access to sensitive information were reset by an intruder. The two accounts were used by the hackers to gain access to the personal information.

What was the response? Those affected by the breach will be notified by email or U.S. mail, and UGA will provide credit monitoring services for those that request it.

Details: The incident may have taken place as early as Sept. 28. According to Tom Jackson, UGA vice president for public affairs, the UGA Police Department's computer forensics team is investigating the hack. Investigators do not know who broke into the system, or whether they have stolen the information.

Details: Officials traced the offending machine back to an overseas IP address. There is no reason to believe the hackers either purged or used any of the data.

Quote: “This appears to be a planned intrusion by someone who knew enough about our operations to know which accounts to attack and where the sensitive information was located within the system,” said Timothy Chester, UGA vice president for information technology.

In 2011, UGA school officials discovered that the personal information of more than 18,000 staff and faculty members had been accessible online on a publicly available web server for at least three years. 

Source: onlineathens.com, Athens Banner-Herald, UGA says digital intruders got personnel record access,” Oct. 12, 2012.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in The Data Breach Blog

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.