Lack of Patching Leads to University of Georgia Database Breach
Quick Facts
- Date: 2/12/2007
- Institution: University of Georgia
- Type of Incident: Penetration
- Number Affected: 3,500
- Source: ESI
- Abstract Source: Red and Black
Abstract
University of Georgia officials announced that last week overseas individuals were able to breach a university database. The database belonged to the university's Disability Resource Center and contained 3,5000 student Social Security number as well as information on client disabilities. UGA officials do not believe that these attackers were after the information itself, but instead simply attacking because they were able to. A review of the incident uncovered that the attackers were able to gain access to the database because the university failed to apply all of the available security patches. The university is still reviewing whether or not the use of Social Security numbers at the Disability Resource Center is necessary.
