Monday, July 11, 2005

Hacker Hits USC

A hacker has breached the University of Southern California's admissions database, and that the school is contacting 270,000 actual and would-be applicants to the school as a precaution. According to the Los Angeles Times and SecurityFocus, the hacker may have had access to student names, addresses, and Social Security numbers, but may have only accessed less than 10 records. The flaw was reported two weeks ago on the SecurityFocus web site, a an online community for information security professionals. According to SecurityFocus, the flaw in the USC software was in the user name and password text boxes of the site, and was found by a security-savvy student who was applying to the school. The breach comes as publicity from high profile data leaks from MasterCard and other organizations shows the vulnerability of personal info. SecurityFocus said that this follows a breach last week of the University of Connecticut, where 72,000 names, dates of birth, and Social Security numbers were exposed; and a loss by Boston College of 100,000 records in its alumni database in March.