It's unlikely the hacker who stole personal information on Kansas University's international students was looking to enter the country illegally, several computer security experts said Friday.
Rather, the hacker is probably one of the multitudes of computer geeks who simply are seeing what they can access from their home computers.
"Somebody probably just discovered this hole" in security, said Bruce Roberts, chief information technology officer for the Kansas Department of Administration. "It would be like somebody walking through a neighborhood checking unlocked vehicles. If you find one that's unlocked, you go in it."
KU officials discovered Wednesday that someone downloaded a file with Social Security numbers and passport numbers on about 1,450 international students. The information was being gathered as part of a new reporting system imposed by the Immigration and Naturalization Service.
The security breach raised concern that someone could use the information to enter the United States illegally. Students also were warned about the financial risks of identity theft.
FBI agents, who arrived Thursday on campus, still were investigating there Friday. FBI Special Agent Jeff Lanza said agents made no major advances in the case. He expected agents to be on campus again next week.
The information was downloaded Jan. 17. Because authorities said the same hacker used the server four times beginning Jan. 6 to distribute copyrighted movies and pornography, experts said it was unlikely he was looking for the file on international students.
"This probably is not an enterprising, underground mafia-type thing," said Ed Skoudis, a New York-based security consultant and author of the book "Counterhack." "It's probably students who are seeing what they can see, pushing the envelope. We used to throw eggs at the university buildings. Nowadays, they hack into computers."
KU officials have said the server involved in the latest hacking incident recently had undergone a security upgrade that voided a previous security "patch" on the operating system. They say they since have corrected the problem.
Skoudis said most hackers download software programs -- nicknamed "tools" -- that send feelers -- or "pings" -- to computer systems looking for lapses in security. When the software finds security gaps, hackers find ways to break in.
Chuck Crawford, information technology officer for KU, said hackers try to get onto KU's computer networks several hundred times a day.
Some are looking for illegal information. Others are looking to cover up their tracks while downloading pornography or other materials. And some are looking for information that isn't theirs.
Firewalls installed on the system keep most hackers out. He said administrators are constantly monitoring the network in search of hackers.
"It's infrequent when somebody actually gets onto the system," Crawford said. "This was a fluke, to be honest with you. Somebody got lucky and got into something."
Lanza said his office, which investigates crimes in the Kansas City metropolitan area and all of Kansas, had 13 computer crime cases open. Federal penalties range from probation to 10 years in prison.
"On 90 percent of them, it's just that they're doing it for the heck of it, for the technological thrill," he said.
State Rep. Jim Morrison, R-Colby, is among those who enjoy testing computer systems. Looking at insecure computer systems generally isn't illegal, he says, but using that information for criminal reasons is.
He said the case might be cause to review the state's policies on computer security. And he'd like to strengthen state laws punishing offenders.
Morrison said he wasn't surprised a hacker could download information from a KU computer.
"It's such a huge system," he said. "I don't see how anybody could keep track of the whole thing. I understand how there could be holes. It's a lot easier than you'd imagine."