honoluluadvertiser.com

Sponsored by:

Comment, blog & share photos

Log in | Become a member
The Honolulu Advertiser
Posted on: Tuesday, May 5, 2009

Financial aid data at KCC may be at risk

By Suzanne Roig
Advertiser Staff Writer

PROTECT YOUR PERSONAL ID

Anyone who suspects their information may have been compromised is urged to call Kapi'olani Community College’s Office of Student Services at 734-9522 or go to www.kcc.hawaii.edu/object/idalerts.html.

spacer spacer

The financial aid records of more than 15,000 Kapi'olani Community College students may have been compromised by a computer virus, university officials said, but no one has reported any identity theft.

The virus affected a computer with access to financial aid records of students from Jan. 1, 2004, to April 15, 2009, KCC Chancellor Leon Richards said yesterday.

A computer with access to personal information of financial aid applicants was infected by "malware" — malicious software designed to infiltrate or damage computers — that has the potential to steal sensitive data, Richards said.

The affected computer — whose anti-virus software had not been updated — did not have the financial information on it, but was connected to a network where the sensitive data was stored.

"This has never happened before on this scale or magnitude," Richards said. "And definitely not with our campus. The bottom line is we don't know whether or not sensitive data was transferred."

Data that could have been accessed included information used on financial aid applications, such as names, addresses, phone numbers, birth dates and Social Security numbers. The police and FBI have forensic experts examining the computer's hard drive to determine if information has been shared on the Internet, Richards said.

In light of the possible breach, the university tightened its electronic security, said Carolyn Tanaka, University of Hawai'i system spokeswoman. The changes include:

  • Updating all UH computers with current anti-virus software.

  • Evaluating storage practices at the financial aid offices and instituting changes as needed.

  • Adding additional layers of security to computers on the 10 campuses to prevent future attacks.

  • Changing or adding encryption policies for employees handling personal /sensitive data and beefing up staff training.

    Officials urge those who believe their financial information may have been compromised to view their credit reports, review bank and credit card statements and contact financial institutions.

    Reach Suzanne Roig at sroig@honoluluadvertiser.com.