The December 2022 issue of IEEE Spectrum is here!

Close bar

760,000 Notified by Ohio State University Concerning Security Breach

Past and present faculty and staff members, students and applicants information at risk

2 min read
760,000 Notified by Ohio State University Concerning Security Breach

Ohio State University (OSU) has begun this week sending out letters to 760,000 past and present students, faculty, staff members and applicants informing them "that a university computer server was illegally accessed by unauthorized individuals."
OSU's press release goes on to state that the university does not believe any information was taken, but just in case, the university will offer 12 months free credit protection services to those involved.
The press release goes on to say:

 "In late October, the university discovered that unauthorized individuals logged into an Ohio State server that housed personal information for approximately 760,000 individuals including current and former faculty, staff, and students, as well as applicants and other individuals affiliated with the university such as consultants and contractors. That server includes names, Social Security numbers, dates of birth and addresses. No OSU Medical Center patient records or student health records were involved."

Forensic analysis of the breach indicated that while no one's information was taken, there was evidence "that the purpose of the unauthorized access was to launch cyber attacks."
In related college IT-security news, late last week the University of Hawaii announced that it has hired Cedric Bennett, Director Emeritus, Information Security Services at Stanford University to evaluate and recommend improvements to the university's information security practices.

According to this article in the Honolulu Star Advertiser, over 260,000 University of Hawaii confidential records have been exposed since 2005. Nearly 100,000 have been exposed this year alone.

For instance, July of 2010, a hacker was able to breach security at a University of Hawaii parking office computer server that held information on 53,000 individuals, including some 40,870 Social Security numbers and information from 200 or more credit cards.

Then in October of this year, more than 40,000 detailed records of former students including their Social Security numbers, citizenship, marital status and addresses were found to have been inadvertently posted online by a faculty member for almost a year. A privacy policy institution discovered the information and notified the University about it.

A former student has filed a class-action lawsuit against the University of Hawaii for negligence in regard to the parking office breach, claiming in part that his identity has been stolen because of the breach.

The Conversation (0)

Why Functional Programming Should Be the Future of Software Development

It’s hard to learn, but your code will produce fewer nasty surprises

11 min read
A plate of spaghetti made from code
Shira Inbar

You’d expectthe longest and most costly phase in the lifecycle of a software product to be the initial development of the system, when all those great features are first imagined and then created. In fact, the hardest part comes later, during the maintenance phase. That’s when programmers pay the price for the shortcuts they took during development.

So why did they take shortcuts? Maybe they didn’t realize that they were cutting any corners. Only when their code was deployed and exercised by a lot of users did its hidden flaws come to light. And maybe the developers were rushed. Time-to-market pressures would almost guarantee that their software will contain more bugs than it would otherwise.

Keep Reading ↓Show less