Shostack + Friends Blog Archive

 

Valdosta State University (Georgia) , 40,000 SSNs, hacker

valdosta_state_univ.jpg
The Associated Press reports “Identity theft risk widens at Valdosta State:”

VALDOSTA — A computer identity breach at Valdosta State University has widened, with authorities now saying up to 40,000 people could have had their Social Security numbers accessed by a computer hacker last week.

The breach was larger than originally thought, said school spokesman Joe Newton.

The computer server contained information on VSU 1Cards, which are combination identification and debit cards that could be used to buy food or books on campus or check out library materials.

Those at risk are all students since 1997, current employees and those who left from 1997 to 1999, Newton said.

The University has a press release, and a “fraud concern” page, which links to a lookup page:

Use this form to determine whether or not your identification number was potentially exposed during the incident of unauthorized access to 1Card Services which occurred on May 17, 2005. When you enter your VSU ID number or Social Security number the form will lookup your number and respond to inform you whether or not your identification number was potentially exposed.

Will they never learn? Could they not do lookup by name?

(Via the new Identity Theft Blog.)

One comment on "Valdosta State University (Georgia) , 40,000 SSNs, hacker"

Comments are closed.