UH computer security breach may have exposed personal info of 53,000

UH computer security breach may have exposed personal info of 53,000
Janet Becker
Janet Becker
Gregg Takayama
Gregg Takayama

By Minna Sugimoto - bio | email

MANOA (HawaiiNewsNow) - More than 50,000 people who have parked at the University of Hawaii at Manoa are on pins and needles after being notified that a computer hacker got into the parking office's database that contained confidential information, such as social security numbers.

UH officials say they are taking steps to strengthen computer system security.

Professor Janet Becker has always parked her car and walked to class without much concern. But on Tuesday, she received word that her personal information was compromised when a hacker introduced a virus to a computer server used by the University of Hawaii Manoa parking office.

"What was your reaction?" this reporter asked.

"Um, crap," the geology and geophysics professor said. "Maybe it was something worse than that, but that's all I'll attest to."

The university says the online security breach may have exposed the personal data of approximately 53,000 people, including about 40,870 social security numbers and 200 credit card numbers.

"We do know that, as part of the investigation, a computer site in China was involved," Gregg Takayama, UH spokesperson, said. "But that's not to say that the hacker originated in China because they may have simply used a site in China to route this Malware through."

Those being notified, and encouraged to review their financial statements, include faculty and staff members employed in 1998, and anyone who dealt with the parking office between January 1, 1998 and June 30, 2009. That means anyone who obtained a parking permit, had a car towed or appealed a citation.

"We absolutely understand the concerns on the part of 53,000," Takayama said. "I'm among those whose information is compromised, too."

The breach occurred more than five weeks ago, but wasn't discovered until a routine audit June 15th. Since then, UH officials say they have been working to identify those affected, and purging social security numbers from parking office databases.

"It's a ticking time bomb if you use social security numbers for identifications, so I'm glad they've deleted those," Becker said.

The university says so far, there's been no indication that the information is being misused.

"It's a big deal," Becker said. "But I'm just kind of crossing my fingers that I have a bad car so no one will want my information."

This incident follows two other cases within the UH system.

On April 15, 2009, the financial records of about 15,000 Kapiolani Community College students were compromised. On February 4, 2010, the credit card numbers of about 35 people at Honolulu Community College were exposed.

For more information on the Manoa case, go to www.hawaii.edu/idalert/

Copyright 2010 Hawaii News Now. All rights reserved.