U Hawaii Data Breach Echoes 2009 Incident

  • By Dian Schaffhauser
  • 07/19/10

Up to 53,000 people may have been affected by a recent data breach at the University of Hawaii in Manoa. The university system discovered the break-in during a routine audit June 15, 2010. The breach had taken place May 30, 2010 on a server used by the main campus' parking office. The university isolated the affected server and began an investigation, which included notifying the Honolulu Police Department and the FBI. IT has also retained a forensic computer expert to do further investigation.

U Hawaii said the server contained a database with personal information--including nearly 41,000 Social Security numbers and data on 200 credit cards. The database had records for faculty, staff, and students at the institution during 1998. Also included was anyone who had business--such as purchasing parking permits or having a car towed--with the parking office between Jan. 1, 1998 and June 30, 2009.

The university said that it had no evidence that the personal information maintained on the server was accessed or used. But it encouraged those who have been potentially affected to monitor their financial information and take measures against identity theft. The university has set up a helpline and e-mail account to answer questions.

On a Web page about the incident, the university said that Social Security numbers were no longer used for parking transactions and were being purged from current and historic parking office databases.

Fifteen months earlier the university took steps to notify students about a malware-induced data breach at Kapi'olani Community College. That incident involved 15,487 students--and potentially their parents--who had applied for or were granted financial aid during the previous five years. While the infected computer didn't store sensitive information, it was on a local network that provided access to data for financial aid processing.

After that incident, IT blamed a series of human missteps for the breach. The computer that ultimately caused the attack was "very infected," said Jodi Ito, information security officer, in a presentation about top security challenges in the U Hawaii System. The computer had been used to connect to another server that "stored years of sensitive information"; the user connected to the server every morning and stayed connected "as a matter of daily routine"; the user opened all e-mails and attachments "without regard to relevance"; and the user visited social networking sites. User training was one of Ito's recommendations for reducing the chances of a similar breach from occurring.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • AI-powered individual working calmly on one side and a burnt-out person slumped over a laptop on the other

    Researchers: AI's Productivity Gains Come at a Cost

    A recent academic study found that as organizations adopt AI tools, they're not just streamlining workflows — they're piling on new demands. Researchers suggested that "AI technostress" is driving burnout and disrupting personal lives, even as organizations hail productivity gains.

  • AI assistant represented by a glowing blue humanoid figure in front of a laptop, surrounded by interconnected network nodes and data servers

    Network to Code Launches AI Assistant for Enterprise Network Teams

    Network automation firm Network to Code has launched NautobotGPT, an AI-powered assistant aimed at helping enterprise network engineers create, test, and troubleshoot automation tasks more efficiently.

  • two large brackets facing each other with various arrows, circles, and rectangles flowing between them

    1EdTech Partners with DXtera to Support Ed Tech Interoperability

    1EdTech Consortium and DXtera Institute have announced a partnership aimed at improving access to learning data in postsecondary and higher education.

  • college student working on a laptop, surrounded by icons representing campus support services

    National U Launches Student Support Hub for Non-Traditional Learners

    National University has launched a new student support hub designed to help online and working learners balance career, education, and family responsibilities as they pursue their education. Called "The Nest," the facility is positioned as a "co-learning" center that provides wraparound support services, work and study space, and access to child care.