University of Wisconsin-Milwaukee is notifying 75,000 students, faculty and staff that their personal information might have been exposed after one of the school's systems was compromised.UWM IT workers discovered on May 25 that a system containing sensitive data had been infected with information stealing malware.
"
During the course of the investigation, on June 30, 2011, we discovered that the database containing social security numbers was included in the compromised system," the university
says.
Even though the database contained names and social security numbers which are considered personally identifiable information (PII), it did not include any financial or student loan data.
Additional personal information was also stored on the same server, but the forensic investigation concluded that it's extremely unlikely for hackers to have accessed it.
In fact, the university doesn't believe that personal data was the intended target of this attack. "
Talking to the forensic experts, we don't believe the motive was identity theft," Tom Luljak, UWM's vice chancellor for university relations told the
Milwaukee-Wisconsin Journal Sentinel.
"
We are a research institution with a significant number of projects under way. It is theorized that this may have been an attempt to look at work being done," he added.
That theory has substance given that cyber espionage targeting intellectual property is widespread. Security giant McAfee recently released a report about a single such operation that ran for the past six years and affected over 70 companies, organizations and government agencies worldwide.
But even if the target was not personal information, it's a worrying that the university took over two months to start notifying affected individuals. This was ample time for any attacker to extensively misuse the data.
US legislators are working on new federal laws that would require companies and organizations to disclose data breaches in a timely manner and provide a minimum of protection for victims.
Find us on Google+
No user comments yet.
Be the first to express your opinion!
