Advertising

The Seattle Times Company

NWjobs | NWautos | NWhomes | NWsource | Free Classifieds | seattletimes.com

Local News


Our network sites seattletimes.com | Advanced

Originally published Wednesday, April 1, 2009 at 12:00 AM

Comments (0)     E-mail E-mail article      Print Print      Share Share

6,000 UW workers' personal information at risk

About 6,000 University of Washington employees were notified this week that their names and Social Security numbers were on a parking-management computer system that was hacked.

Seattle Times higher-education reporter

About 6,000 University of Washington employees were notified this week that their names and Social Security numbers were on a computer system that was hacked.

"I want to make you aware that the security breach occurred," wrote UW transportation-services director Joshua Kavanagh, "so that you can take steps that you feel may be appropriate to protect yourself from the potential misuse of your personal information."

A UW police report indicates that two parking-management computer servers were hacked starting around Dec. 6 last year. An initial on-site review by the UW on Dec. 30 showed "obvious signs of compromise," prompting the university to take the servers offline, according to the report.

The incident has raised questions: Why did it take the UW three months to inform employees? And what were Social Security numbers doing on a parking computer to begin with?

Kirk Bailey, the UW's chief information-security officer, said that although there were signs of something amiss last year, it took until the end of February or the beginning of March to complete an investigation.

"A full-blown computer forensic investigation is a time-consuming and thorough process," Bailey said.

He said Social Security numbers were routinely used by the university as employee-identification numbers until about seven years ago. But some UW computers, he said, still contain that "legacy" data.

The UW is interested in tracking down other computers that still may contain such sensitive data, Bailey said. But finding all those computers, given the breadth of the university and the large number of different systems, would be no easy task, he said.

Bailey said it is not known why the hacker or hackers wanted to get into the system or what they did once there. There is no evidence to show whether any personal information was downloaded.

Computers often are hacked so that dishonest operators can shoot out spam or store illicit information, Bailey added.

Nick Perry: 206-515-5639 or nperry@seattletimes.com

Copyright © 2009 The Seattle Times Company

More Local News headlines...

E-mail E-mail article      Print Print      Share Share

Comments
No comments have been posted to this article.

advertising


Get home delivery today!

More Local News

UPDATE - 09:46 AM
Exxon Mobil wins ruling in Alaska oil spill case

NEW - 7:51 AM
Longview man says he was tortured with hot knife

Longview man says he was tortured with hot knife

Longview mill spills bleach into Columbia River

NEW - 8:00 AM
More extensive TSA searches in Sea-Tac Airport rattle some travelers

Advertising

Video

Marketplace

Advertising