U Hawaii Data Breach Echoes 2009 Incident

  • By Dian Schaffhauser
  • 07/19/10

Up to 53,000 people may have been affected by a recent data breach at the University of Hawaii in Manoa. The university system discovered the break-in during a routine audit June 15, 2010. The breach had taken place May 30, 2010 on a server used by the main campus' parking office. The university isolated the affected server and began an investigation, which included notifying the Honolulu Police Department and the FBI. IT has also retained a forensic computer expert to do further investigation.

U Hawaii said the server contained a database with personal information--including nearly 41,000 Social Security numbers and data on 200 credit cards. The database had records for faculty, staff, and students at the institution during 1998. Also included was anyone who had business--such as purchasing parking permits or having a car towed--with the parking office between Jan. 1, 1998 and June 30, 2009.

The university said that it had no evidence that the personal information maintained on the server was accessed or used. But it encouraged those who have been potentially affected to monitor their financial information and take measures against identity theft. The university has set up a helpline and e-mail account to answer questions.

On a Web page about the incident, the university said that Social Security numbers were no longer used for parking transactions and were being purged from current and historic parking office databases.

Fifteen months earlier the university took steps to notify students about a malware-induced data breach at Kapi'olani Community College. That incident involved 15,487 students--and potentially their parents--who had applied for or were granted financial aid during the previous five years. While the infected computer didn't store sensitive information, it was on a local network that provided access to data for financial aid processing.

After that incident, IT blamed a series of human missteps for the breach. The computer that ultimately caused the attack was "very infected," said Jodi Ito, information security officer, in a presentation about top security challenges in the U Hawaii System. The computer had been used to connect to another server that "stored years of sensitive information"; the user connected to the server every morning and stayed connected "as a matter of daily routine"; the user opened all e-mails and attachments "without regard to relevance"; and the user visited social networking sites. User training was one of Ito's recommendations for reducing the chances of a similar breach from occurring.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • computer with a red warning icon on its screen, surrounded by digital grids, glowing neural network patterns, and a holographic brain

    Report Highlights Security Risks of Open Source AI

    In these days of rampant ransomware and other cybersecurity exploits, security is paramount to both proprietary and open source AI approaches — and here the open source movement might be susceptible to some inherent drawbacks, such as use of possibly insecure code from unknown sources.

  • The AI Show

    Register for Free to Attend the World's Greatest Show for All Things AI in EDU

    The AI Show @ ASU+GSV, held April 5–7, 2025, at the San Diego Convention Center, is a free event designed to help educators, students, and parents navigate AI's role in education. Featuring hands-on workshops, AI-powered networking, live demos from 125+ EdTech exhibitors, and keynote speakers like Colin Kaepernick and Stevie Van Zandt, the event offers practical insights into AI-driven teaching, learning, and career opportunities. Attendees will gain actionable strategies to integrate AI into classrooms while exploring innovations that promote equity, accessibility, and student success.

  • a professional worker in business casual attire interacting with a large screen displaying a generative AI interface in a modern office

    Study: Generative AI Could Inhibit Critical Thinking

    A new study on how knowledge workers engage in critical thinking found that workers with higher confidence in generative AI technology tend to employ less critical thinking to AI-generated outputs than workers with higher confidence in personal skills.

  • university building with classical columns and a triangular roof displayed on a computer screen, surrounded by minimalist tech elements like circuit lines and abstract digital shapes

    Pima Community College Launches New Portal for a Unified Digital Campus Experience

    Arizona's Pima Community College is elevating the digital campus experience for students, faculty, and staff with a new portal built on the Pathify digital engagement platform.