Hackers Enter Univ. Database, Steal SS Numbers, 55,000 Personal Records
AUSTIN, Texas (AP) - Hackers broke into a University of Texas database and stole the names, Social Security numbers and e-mail addresses of more than 55,000 students, former students and employees, officials said.
A preliminary evaluation found no evidence the information was used to illegally obtain credit cards or withdraw money from bank accounts, said Deputy U.S. Attorney Robert Pitman. School officials said they were notifying the victims.
Travis County prosecutor Ronnie Earle said search warrants related to the case were served late Wednesday in Austin and Houston. No arrests had been made by Thursday afternoon.
The theft was discovered Sunday when employees found a computer malfunction, according to Dan Updegrove, the university's vice president for information technology who described the incident on the school's Web site.
The database was hacked by a computer in Austin several times beginning on Feb. 26 and ending Sunday. Updegrove said the hackers used a program to query the database with 3 million potential Social Security numbers, resulting in about 55,200 successful matches.
Updegrove acknowledged the breach could have been prevented with basic precautions.
"We flat out messed up on this one," he said. "Shame on us for leaving the door open, and shame on them for exploiting it. Our number one goal is to get those data back before they get misused."
Richard M. Smith, a Cambridge, Mass., Internet security and privacy consultant, said hackers prey on organizations with easy openings.
"They either didn't do a firewall properly or password protect properly," he said of the university. "There's probably a whole lot of things they didn't do right."