The Final Four no college wants to make


The University of North Carolina at Chapel Hill campus took home the Higher Education Data Breach Madness title in 2009, and the University of Florida College of Dentistry won in 2008.

OSU discovered the security lapse in late October and hired “the nation’s best computer forensic consultants” to search the school’s network and check what, if anything, had been taken from university records, according to a university statement.

In late November, the forensic consultants told OSU officials that “there was no evidence that any data were taken out of the system by unauthorized individuals,” according to the school’s statement. “The experts did find evidence that the purpose of the unauthorized access was to launch cyber attacks.”

A report published by the company’s researchers, known as TeamSHATTER, exposed some of the most common ways in which college networks are hacked.

More on data security in higher education…

Campus Network Security Made Easy

College and university information was exposed through vulnerability in a campus’s operating system or through obtaining valid login and password information by stealing, guessing, or the use of Trojan virus, according to the report.

Hackers would sometimes impersonate authorized users of a campus network, allowing access to digital treasure troves of Social Security numbers, birth dates, grades, and contact information. Network attackers also have been known to manipulate logs and hide their illegal activity, the TeamSHATTER report said.

Authors of the TeamSHATTER research pointed to campus culture as a possible culprit for 2.3 million records breached at colleges since 2008. The openness of informational exchange, researchers said, isn’t conducive to keeping sensitive information behind secure digital walls.