Shostack + Friends Blog Archive

 

University of North Texas, 34,000 SSNs, Bad Design + Google

The UNT server storing the electronic university housing records of about 34,000 current, former and prospective students was accessed by a computer hacker.

In addition, an Internet-based form available to students to make inquiries to the UNT financial aid office mistakenly created a file containing personal information of the current and former students who used it from 2001 to 2005. That file, which was available via the World Wide Web when using specific key words or numbers in a search engine, contained personal information for about 2,800 additional people. And about, 1,800 individuals had records in both.

The personal information contained in the records from both incidents may have included names, addresses, telephone numbers, social security numbers, student identification numbers, EUIDs and passwords (the university’s electronic student ID codes), and student classification information.

In addition, 524 credit card numbers may have been exposed.

From the UNT Site which includes a lookup function, via Dallas News.

And as you read the next story, remember: Everything’s bigger in Texas.