Hacker accesses KU files

Student records opened from pharmacy at Watkins Health Center

Personal information of thousands of Kansas University students, faculty and staff may have been taken by a computer hacker last week, KU officials said Tuesday.

KU officials notified the FBI on Friday that a hacker had breached the security system of a server at the Watkins Health Center pharmacy, which contained information on every patient receiving a prescription at KU from July 1994 to Jan. 26 of this year.

“At this stage of the investigation, we know only that the computer server was accessed, and the access was unauthorized,” said Marilu Goodyear, vice provost for information services. “But we are proceeding on the assumption that information was copied.”

Goodyear declined to say how many patients were involved but said the university was attempting to contact those who could be affected by e-mail and letters. Information in the files differed by patient but included Social Security number, address, KU identification number and birth date.

She declined to say how security on the server, which was used actively until Jan. 26, was circumvented but said it was immediately disabled. The hacking incident was detected during a routine computer security scan.

University computing staff members were in the process of transferring old files to a new server, she said.

“The pharmacy’s server they’re currently using is well-protected,” she said.

Jeff Lanza, a special agent with the FBI in Kansas City, Mo., said it was too early to determine if any information had been copied by the hacker.

“We’ve opened a federal investigation, and at this point what we’re trying to do is trace back where the intrusion originated from,” he said.

Lanza said at least one server used to hack the KU system was from outside the United States but noted it was common for hackers to use foreign computers as a platform to launch an attack.

“We can usually determine the source of the intrusion, but if it ends up being from an international source, obviously the investigation becomes more difficult, both in detection and prosecution,” he said.

Marlesa Roney, vice provost for student success at KU, issued an apology to those who may have been affected by the hacking incident.

“Computer hacking is a crime,” she said. “We will work with authorities and do everything in our power to protect and provide assistance to our students, faculty and staff.”

KU officials have established two phone numbers for anyone who had prescriptions filled between July 1994 and January 2004 who has questions about the incident. The phone numbers are (877) 529-4295 and 864-9147. KU also has a Web site about identity theft at www.ku.edu/identity.

As the FBI begins an investigation into a recent computer hacking incident at Kansas University, the agency has turned over a previous case at KU over to authorities in another country.FBI spokesman Jeff Lanza declined to say in which country agents believe the previous hacking incident, which occurred in January 2003, originated, but he said the FBI now considered it a closed case.The hacker had access to personal information for nearly 1,500 students, mostly international students.