Shostack + Friends Blog Archive


Iowa State (again!), 3000 SSNs+2500 encrypted CC#s, "hacker"

The Des Moines Register reports [link to no longer works] on a December, 2005 breach at Iowa State:

[3,000 ISU employees’] personal data might have been viewed by hackers who infiltrated two computers earlier this month.
One held about 2,500 encrypted credit card numbers of athletic department donors. The second computer contained Social Security numbers for more than 3,000 ISU employees.

This is hardly the first time Iowa State has gotten hit, either.

A similar breach occurred in June. Personal information for about 3,359 alumni association members and online customers was hacked, ISU officials said.
A computer, which was used to maintain a Web site for the association and its student groups, contained Social Security numbers, credit card numbers and student ID numbers. Officials were unsure whether the information was viewed or copied.
At the University of Iowa, officials reported that a computer at the University Book Store with up to 30,000 credit card numbers and student/employee identification numbers was improperly accessed in May. University officials contacted campus police and the FBI. No arrests were made.
In the most recent breach at ISU, officials said they won’t contact police to find the identity of the intruder.

(emphasis mine)

One comment on "Iowa State (again!), 3000 SSNs+2500 encrypted CC#s, "hacker""

  • Adam says:

    Of course not! The police never catch these guys, and ask all sorts of questions.

Comments are closed.