Data on 760,000 at risk after university's server hacked
December 16th, 2010
09:09 AM ET

Data on 760,000 at risk after university's server hacked

Someone hacked into a computer server at The Ohio State University, putting 760,000 people's personal data at risk, the university said Wednesday.

The server that was illegally accessed contained names, addresses, Social Security numbers and dates of birth for current and former students, faculty members, staff, applicants, consultants and contractors, the university said.

It doesn't appear that anyone's personal data were accessed, the university said, but Ohio State is providing a year of free credit protection services to those potentially affected.

"We are committed to maintaining the privacy of sensitive information and continually work to enhance our systems and practices to reduce the likelihood of such events occurring," Provost Joseph A. Alutto said on the university's website.

The breach occurred in October, but the university waited for forensic investigators to give their reports and school officials to develop solutions before notifying potential victims and the public, Ohio State's student newspaper, The Lantern, reported.

Those experts, Interhack of Columbus and Stroz Friedberg of New York, determined that the hackers wanted to use the server to launch cyberattacks, not steal identities, the Columbus Dispatch newspaper reported.

The hacked database did not contain anyone's medical information, CNN affiliate WBNS reported.

The university expects the investigation and credit protection services to cost it $4 million, according to the Dispatch.

Post by:
Filed under: Ohio • Security breaches • Technology • U.S.
soundoff (56 Responses)
  1. trying to survive

    Dang matt. Are you the hacker? Technology will destroy the world anyway.

    December 17, 2010 at 6:03 am | Report abuse | Reply
  2. conradshull

    Most of those students probably happily put all that info on Facebook anyway. Joking aside, WHEN will holders of sensitive data repositories, large or small, learn they MUST encrypt their data. Dumb, lazy, dumb, lazy, dumb! Top level IT Security personal change time at "Ohia State".

    December 17, 2010 at 8:52 am | Report abuse | Reply
  3. Willie12345

    With all of this hacking and stealing of personal data, it seems the holders of the data need to be held accountable. This information is very sensitive and important. Failure to protect it (reasonable effort) should be subject to civil action in the courts. This type of thing is happening too often.

    December 17, 2010 at 9:14 am | Report abuse | Reply
1 2 3

Post a comment


 

CNN welcomes a lively and courteous discussion as long as you follow the Rules of Conduct set forth in our Terms of Service. Comments are not pre-screened before they post. You agree that anything you post may be used, along with your name and profile picture, in accordance with our Privacy Policy and the license you have granted pursuant to our Terms of Service.