Home » Institutions » University of Virginia

Hackers Access UVa Faculty Data Over 50 Times

By Adam Dodge - Posted on June 8th, 2007

Quick Facts

Abstract
University of Virginia is alerting faculty members that their personal information may have been compromised during a recent computer security breach. It seems that unknown an individual(s) accessed a database containing faculty names, birth dates and Social Security numbers on 54 separate days between May 20, 2005 and April 19, 2007. It appears that the attacker(s) gained access to this information through a special purpose Web application that was not intended for public access. The breach was discovered during an internal computer security audit on April 20, 2007. UVa Campus Police have launched an official investigation into this matter with the help of the FBI and UVa computing and auditing professionals. While no financial information was exposed, the university is warning affected faculty members that their financial information may become compromised if the attackers use the personal information to gain access to faculty financial records. UVa has created a web site - www.virginia.edu/itincident - with more information. In addition, UVa has setup a special purpose hotline - 866-621-5948 - and a special purpose e-mail address - identity-assistance@virginia.edu - to help answer any questions current or former faculty members may have about this incident.

Update
6/11/2007 - A recent letter sent by James L. Hilton, UVa Vice President and Chief Information Office, states that the university is offering 12 months of free credit monitoring for all current and former faculty members affected by this incident. UVa has partnered with ConsumerInfo.com, an Experian company, to provide faculty members with access to the company's Triple AdvantageSM Deluxe product which promises to monitor an individuals credit report at the three major bureaus for signs of suspicious and/or fraudulent activity.

Printer-friendly version
Tagged:  •    •    •    •    •