Shostack + Friends Blog Archive


MSU, 27,000 SSNs, "intrusion"

More than 27,000 students were informed by e-mail on Tuesday that their Social Security numbers could have been compromised by an attack on the College of Education’s server.

The server housed information that included student names, addresses, student courses and personal identification numbers. After the intrusion was discovered at the beginning of April, the server was taken off-line and a computer forensic investigation on the incident was started, said College of Education Assistant Dean Gail Nutter. Now, the college no longer maintains student Social Security numbers on its server.

Way to lock the barn after the horse escapes, baby. Full story is at “Hacker attacks college server.” I think MSU is Michigan, but I’m not positive.

(Via ISN.)

In other breach news, The New York Times reports that the USC breach was 8 years of applicant data.

I bet they wanted to do research on the relationship between applicant SSNs, their horoscopes, and when to lock the barn door.