When a hacker broke into the network at George Mason University (VA) earlier this year, IT officials were absolutely powerless to stop him. Within minutes, the hacker compromised the school’s main Windows 2000 server and gained access to information that included names, Social Security numbers, university identification numbers, and even photographs of almost everyone on campus. Next, he poked around for a back door into other GMU servers that store information such as student grades, financial aid, and payroll.

Finally, the hacker tried to crack passwords for other machines—machines in just about every department on campus. Curtis McNay, a system administrator who manages some of the university’s computing systems, saw the whole thing happen. After the break-in, McNay told the Washington Post that he knew from data streaming across his monitor that a break-in was going down. By the time the hack was halted, however, it was too late. Information surely had been copied; privacy most certainly had been breached. And after a week of investigating the scope and nature of the electronic break-in, university officials reluctantly sent an e-mail warning 32,000 students, faculty, and staff members that they were all vulnerable to identity theft or credit card fraud.

The link for this article located at Campus Technology is no longer available.