A hacker broke into a University of Missouri System database last Thursday and Friday, stealing information that included the names and Social Security numbers of more than 22,000 current and former employees.
Employees working at all of the system’s four campuses in 2004 were affected, but all of those employees worked at the Columbia campus at some point.
“We have had no reports of identity theft arising from this incident,” said UM System spokesman Scott Charton. “However, we are moving aggressively to spread the word about the break-in in our computer system to try to head off any problem.”
Charton said the information was contained in a report compiled in 2004. Last year, former UM System president Elson Floyd ordered that all employee social security information be removed from online databases to prevent such attacks. Charton said there is an ongoing effort to comply with the order, but the 2004 report was overlooked.
Although such incidents are uncommon for an organization such as the UM System, Charton said, many large organizations are subject to thousands of attempts by would-be hackers daily.
“This is not anything new,” Charton said. “In any large organization, you’re constantly reviewing your security precautions.”
University technicians purged the report and reported the incident to MU police as soon as they recognized the problem Friday, Charton said. MU police are cooperating with the FBI.
Gary Allen, the university’s vice president for information technology, sent an e-mail to university employees Tuesday morning notifying them of the breach. An additional e-mail was sent to those employees affected. In the e-mail, Allen encouraged employees to place a flag on their credit reports which would alert creditors of possible fraud. He also suggested employees check their credit reports and report any suspicious activity to the Missouri attorney general’s office. The attorney general’s office operates an identity theft hotline, (800) 392-8222.