A hacker has grabbed the social security numbers of more than 22,300 current and former students at the US University of Missouri, in the institution's second data break-in this year.
The attack was launched from IP addresses in China and Australia and used a web form for tracking the status of queries to the university's IT helpdesk. The hacker accessed the names and social security numbers of staff employed by the university during 2004 who were also current or former students. The records had been compiled for a report, but were overlooked rather than deleted.
IT staff noticed unusual activity that began at around 5:30am last Thursday, then tied a large number of database query errors to the problem on Friday. Logs showed that the attacks ended at 9:34am on Friday. That day, technicians disabled the account used to access the database from an IP address in China and another in Australia.
"The hacker was able to reach the information by making thousands of queries over a span of hours, allowing the identities to be exposed one at a time," the university reported.
A web page and free telephone line have been set up to take questions from students, the university said. Officials are also contacting as many of the affected people as possible.
This is the second incident at the University of Missouri in recent months. In February, the university acknowledged that a server attack in January might have exposed the identities of 1,220 researchers on the university's four campuses. A university spokeswoman declined to comment on whether there could be any connection between the two events.
In its message to potential identity theft victims, the university said it "takes this matter very seriously" and noted it wasn't the only organisation to be attacked. "All companies or organisations using the internet to serve their customers face this challenge."
Universities are a frequent target of identity thieves, according to the data breach chronology compiled by the Privacy Rights Clearinghouse. Since 1 January, 27 US colleges or universities have been victimised by attackers.
Find your next job with computerworld UK jobs