UGA Personnel Records Hacked in Athens, Ga.
Hackers had access to Social Securitiy numbers and names of current and past employees.
Hope that you don't get an email or a letter from UGA soon. The school is notifying about 8,500 employees, both current and former ones, that their personal records may have been hacked.
According to a university press release, officials are investigating "a criminal act of computer trespass” by an intruder, according to UGA Vice President for Information Technology Timothy Chester.
The initial hacking may have happened as early as Sept. 28. The investigation began Oct. 1 after officials learned that someone reset the MyID passwords of two UGA employees, both of whom work in sensitive information technology positions. The hackers then used those accounts to gain access to personnel data.
“This appears to us to be a planned intrusion by someone who knew enough about our operations to know which accounts to attack and where the sensitive information was located within the system,” Chester said. “It is clearly a criminal act of computer trespass, and we are working with UGA Police to investigate.”
What was taken? Names and Social Security numbers, to start, and other personal information. Those whose records may have been compromised will be notified directly by email or U.S. mail as addresses are available for them.
Chester suggests that all university employees take appropriate steps to guard against identity theft. In addition, UGA will provide credit monitoring for affected persons who request it.
“It is important that employees also take steps to make sure their MyID information is secure,” Chester said. “Make your secret question and answer pairs impossible to guess. Don’t use questions to which the answers may be found on your vita or your Facebook page.”
The perpetrators in this case may have been able to crack the accounts they entered through obtaining information in that way, he added. Employees may update the answers to their MyID secret questions at http://eits.uga.edu/access_and_security/myid.
Plus, those affected should review the information contained in http://fraudconcerns.uga.edu to learn more about recommended precautions. By following the recommended steps, people can minimize the risk of identity theft. The site contains comprehensive information on this incident, including a frequently asked questions section.