Breaking News
Chico State's independent student newspaper

The Orion
Chico State's independent student newspaper

The Orion
Chico State's independent student newspaper

The Orion

Officials apologize for system breach

March 28, 2014

Published 2005-03-23T00:00:00Z”/>

archives

Robert LaHue<br>Staff Writer

Hackers who broke into a University Housing and Food Service server in February had access to names, Social Security numbers and Wildcat ID numbers of 59,268 current and former Chico State students, staff and faculty, university officials said.

While no evidence was found that the hackers used the personal information on the server, state law requires the university to notify all people whose information was accessed.

Housing department director David Stephen sent a letter March 15 apologizing for the security compromise and providing contact information for three major credit-reporting agencies if people wished to put out fraud alerts on their credit. He did not, however, officially suggest people do that.

The security breach was discovered Feb. 16 after abnormal activity was noticed on the server, said Bill Post, vice provost for Information Resources.

“We got data coming from the machine that shouldn’t have been coming from the machine,” Post said.

The server was pulled offline and a content search verified it was hacked, Post said. Another week of searching confirmed that there was private information on the server, and 2003 amendments to the California Civil Code require everyone whose information was exposed be notified.

“We couldn’t prove the files were taken,” Post said, “but we couldn’t prove they weren’t taken.”

Information Resources staff then gathered the names of those compromised by the hack and found valid e-mail or mailing addresses to contact them.

Half of the people whose names were in the server were notified by e-mail. The other half were notified by mail, Post said.

The server contained software that should not have been installed, said Brooke Banks, Chico State’s information-security officer.

Often, hackers will install software on exposed servers that allows them to store and swap music and movie files. This type of software was found on the housing server.

The housing department used the server to keep track of university residents and for the door locks on the residence halls, Banks said.

Students who live in residence halls access the buildings by swiping their Wildcat ID cards through a magnetic strip reader. The reader determines whether the doors can be unlocked.

Banks said the housing office used a file from the Wildcat ID office to determine which cards could open the doors to the residence halls. The data in the file was the first and last names, Wildcat ID card number, and Social Security numbers of 59,268 current and former Chico State students, faculty and staff. The card-swiping access did not go offline, but the housing system was offline four days while it was rebuilt, Banks said.

“A hacker might have left a lot of backdoors,” Banks said, “so the only way to make sure the system is safe is to completely rebuild.”

Banks encouraged people to monitor their credit. That is what Information Resources staff has told people concerned about the hack who have contacted the office, she said.

Faculty are also expressing their concerns.

In a letter to Chico State’s California Faculty Association members, President Susan Marie Green said questions about the hack will be presented to university administration in their monthly meeting on Thursday.

The university had begun working on a new system prior to the hack, said Joe Wills, Chico State’s public affairs director. In the new system, people will be assigned a university identification number, requiring less usage of their Social Security.

Banks said the new system, called the Common Management System, will be ready for fall registration.

University officials are also looking at new ways to block hackers, a battle Wills described as a cat and mouse game.

“It’s very difficult to keep them out,” he said, “but we’re talking and looking at things to keep the numbers from being exposed.”

Robert LaHue can be reached at

<a href= “mailto:[email protected]”>[email protected]</a>
        Leave a Comment
        More to Discover
        More in Archives
        The Chico State Financial Aid Office on September 14, 2022
        Looking at Biden's debt relief plan
        Nicole Santos says farewell to her last four years at Chico State. Photo courtesy of Annie Page
        Senior Spotlight: An Orionite's farewell to Chico State
        Chase Palmieri, a senior entrepreneurship and small business management major, plans to change the way people donate through a simple app he created called SlideSocial. Photo credit: Nicole Santos
        Senior Spotlight: Entrepreneur creates app to transform how people donate
        Senior Spotlight: Q&A with nutrition majors who landed internships
        Senior Spotlight: Q&A with nutrition majors who landed internships
        Michelle Brathovd, senior liberal studies major. Photo credit: Nicole Santos
        Senior Spotlight: Q&A with future teachers
        Victoria Goernert, a senior civil engineering major (fifth from the right), has participated in the Steel Bridge Competition for the past two years. Photo courtesy of Victoria Goernert.
        Senior Spotlight: Student engineers promising future

        The Orion

        Chico State's independent student newspaper
        The Orion
        Chico State University
        Plumas Hall 001
        [email protected]
        530-898-4386
        The Orion • © 2024 The Orion 2023 • FLEX Pro WordPress Theme by SNOLog in

        Comments (0)

        All The Orion Picks Reader Picks Sort: Newest

        Your email address will not be published. Required fields are marked *