UCLA Hacked, 800,000 Identities Exposed 148
An anonymous reader writes "The Washington Post reports that a central campus database at UCLA containing the personal information (including SSNs) of about 800,000 UCLA affiliates has been compromised for possibly over a year. The data may have been available to hackers since October 2005 until November 21, 2006, when the breach was finally detected and blocked. Several other UC campuses have also been involved in significant data security incidents over the past few years." From the article: "'To my knowledge, it's absolutely one of the largest,' Rodney Petersen, security task force coordinator for Educause, a nonprofit higher education association, told the Los Angeles Times. Petersen said that in a Educause survey release in October, about a quarter of 400 colleges said that over the previous 12 months, they had experienced a security incident in which confidential information was compromised, the newspaper reported."
Re:wow! (Score:5, Interesting)
My name was on the list. Hooray!
I was just about to submit this story myself. Here's UCLA's official website devoted to the whole incident: Link [ucla.edu]
I wonder, will there be a point in time when we hold accountable either the credit agencies for their broken system or organizations we are forced to trust with our data for not keeping it safe?
Re:One way to help protect... (Score:3, Interesting)
Good Target (Score:3, Interesting)
It's time to make the SSN database public (Score:5, Interesting)
The scary thing.. (Score:3, Interesting)
ohh.. look at Johnny's sparkly new Ph.d. or M.D.
Re:One way to help protect... (Score:4, Interesting)
since, from (Score:4, Interesting)
Am I the only one who cringes when he reads this sentence.
Maybe actual fraud will end up fixing this? (Score:3, Interesting)
You'd think that at some point, just about everyone in the U.S. will need to put "fraud alerts" on their credit profiles!
As bad as it sounds, I think it's going to take real financial losses of an almost unmanageable sort for the lenders and credit agencies to say "Enough!" and find new ways to protect consumer info.
Re:E-mail sent to UCLA students, faculty, and staf (Score:3, Interesting)
He regrets having to inform us, not that they were hacked.
Re:wow! (Score:1, Interesting)
Criminals typically do one of three things with a Name/DOB/SSN:
1) Try to obtain credit in your name
2) Open a bank account and use it for money laundering, bogus checks, ebay fraud, and various other scams
3) Give your info when they get arrested
1) will show up on your credit report eventually. With 2) or 3) you might not find out about it for awhile.
Re:wow! (Score:5, Interesting)
Re:It's time to make the SSN database public (Score:3, Interesting)
Although the original legislation for SSN's states that it is not meant to be a sort of national identification number, this seems mainly aimed at evangelical Christians who identified such a thing with some passages from the Revelation of John. It wasn't until the communist and fascist regimes of Stalin and Hitler demonstrated the possibility of total control that secular fears of Big Brother began to surface.
The reality of the SSN is that--being as it is a guaranteed unique name--it is extremely useful as an ID. But using it as a password is absolutely asinine. The sad truth is that criminals are more likely to know a victim's social security number than the victim is.
Re:Students? (Score:2, Interesting)
I think that once places that hold information are held responsible (even if it is to pay for credit monitoring for 2 years for anyone whose information could have been stolen), then we will see a real concern about security. Right now, all anyone has to pay for is postage to notify a person and time to investigate. In this case for example, if UCLA had to pay for credit monitoring for 800,000 people for 2 years (at about $100/year/person), I am sure $160,000,000 would force them to make sure this does not happen again. Otherwise, we will hear more stories of this type.
Their hotline database is offline (Score:3, Interesting)