Feeds

Florida Uni on brown alert after hack attack

IT hits the fan

  • alert
  • submit to reddit

Securing Web Applications Made Simple and Scalable

Students and staff at Florida International University (FIU) were warned they are at risk of identity fraud this week after techies discovered hackers had broken into college systems. A file found on a compromised computer showed that an unknown hacker had access to the username and password for 165 computers at the University, sparking a major security alert.

A preliminary investigation has revealed that only a few of the compromised computers contained sensitive information (e.g. credit card details and social security numbers). That’s by enough by itself but the greater fear is that hackers have compromised the University’s network to such as extent that few systems are safe. FIU information-systems chief John P. McGowan reckons hackers based in Europe are responsible for the attack, the Orlando Sentinel reports.

Users are being advised to remove any sensitive information from their university computers. They are also advised to set up a fraud alert on their credit file, as a precaution. The amount of confidential information obtained by hackers is unclear. There’s no evidence that any fraud has taken place as yet. Even so university authorities are taking the problem seriously, going to the unprecedented length of having technicians examine 3,000 campus computers for possible security problems in a scheme likely to take weeks if not months to complete.

Among other things these technicians will be updating operating system and anti-virus protection, removing known Windows vulnerabilities, re-configuring log-in accounts, scanning for applications that allow for unauthorized access as well as disseminating new information on effective password management and computer user access guidelines. As part of this extensive security mitigation checklist, technicians will also be examining PCS for types of sensitive information (i.e., SSNs, credit card numbers) saved on computers or network file shares but not recording the actual numbers. This last procedure comes perilously close to been a security risk in itself, you might think.

Florida International University has reported the incident to the FBI for investigation. FIU joins a growing list of US Universities to have suffered cyber attacks over recent months. Boston College, Carnegie Mellon University and Northwestern University have been among the victims. ®

Related stories

Berkeley hack sparks legislative backlash
Student owns up to Texas Uni cyber-heist
Student charged with massive ID fraud
Feds probe huge California data breach
ID theft is inescapable

Related links

FTC advice on guarding against identity theft FIU's alert

The smart choice: opportunity from uncertainty

More from The Register

next story
BMW's ConnectedDrive falls over, bosses blame upgrade snafu
Traffic flows up 20% as motorway middle lanes miraculously unclog
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.