US college suffers two-year hack
About 6,000 University of Virginia faculty members have been warned that their personal details - including social security numbers and dates of birth - have been downloaded by hackers.
About 6,000 University of Virginia faculty members have been warned that their personal details - including social security numbers and dates of birth - have been downloaded by hackers.



From forensic cyber to encryption: InfoSec17
Security technologist Bruce Schneier’s insights and warnings around the regulation of IoT security and forensic cyber psychologist Mary Aiken’s comments around the tensions between encryption and state security were the top highlights of the keynote presentations at Infosecurity Europe 2017 in London.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
According to University officials, the hackers gained access to the records between May 2005 and April of this year.
Phil Higgins, senior partner at network systems provider Brookcourt Solutions, said a hack lasting two years was an embarrassment for the US college.
Higgins said, "Security system failures are becoming a fact of life in the modern IT environment, especially when IT managers rely on a single security technology to protect their systems, but a failure lasting two years? Come on."
Higgins said anti-virus software on desktops and firewalls placed around servers were not enough, and that organisations had to take a multi-layered approach to protecting their systems, including addressing internal threats.
Virginia is not alone in failing to quickly address security breaches of course. The biggest hack ever seen took place over about two years at the TJX group of clothing firms.
Will data breach be the end of TJX? >>
45.7m card details stolen in TJX security breach >>
Clothes company sued over refusal to reveal hack attack details >>
TK Maxx customer data was breached by hackers >>
TJX data breach worse than initially feared >>
David Lacey’s security blog >>
Comment on this article: e-mail computer.weekly@rbi.co.uk
Read more on IT risk management
-
Why businesses must think like criminals to protect their data
-
Security Think Tank: Use awareness, education and controls to halt cryptojacking
-
Security Think Tank: Awareness is a good starting point to counter fileless malware
-
Security Think Tank: Human, procedural and technical response to fileless malware
Start the conversation
0 comments