IP: Indiana University penetration raises fears of identity theft: [risks] Risks Digest 21.29

[David Farber <dave () farber net>]

> Date: Wed, 28 Feb 2001 10:19:34 -0500
> From: "Keith A Rhodes" <RhodesK () GAO GOV>
> Subject: Indiana University penetration raises fears of identity theft
>
> A user browsing from Sweden stored music and video files on a server at
> Indiana University that had apparently been left unprotected after a crash.
> IU realized it had a problem when huge increases were noted in network
> traffic.  In the process, they also noted that a file of over 3,100 student
> names and SSNs had been copied from the server.  Associate Vice President
> Perry Metz contacted the Social Security Administration about what might be
> an appropriate reaction, and said that they told him ``it's unlikely and
> unusual for someone who has your Social Security number to be able to do
> anything with it.  Normally, financial institutions require additional
> information.''  [Is that reassuring to RISKS readers?  Sources: Swedish
> hacker breaches IU server; Culprit stored music, video files on system and
> also downloaded private student data, AP item 28 Feb 2001, and article by
> John Meunier, *Herald-Times*, 28 Feb 2001; PGN-ed]



For archives see: http://www.interesting-people.org/