Unauthorized Computer Attack on Georgetown University's Servers

[Luke_Wilbur]

On March 3, 2006, Georgetown University announced that the Secret Service is investigating an attack on a server containing personally identifiable information, such as name, date of birth and Social Security numbers relating to more than 41,000 individuals who have had contact with the District of Columbia Office on Aging (DCOA). The intrusion came from outside the University from an individual who did not have permission to access the data. This site was created by the University's Office of Communications to respond to inquiries and provide other relevant information about the incident.

 

If you are concerned that your information was exposed, you can call the 24 hour toll-free hotline, 1-866-740-2458 (the toll-free phone number will be activated at approximately 9 p.m. EST, March 3, 2006).

 

Here is the Press Release:

 

Georgetown University announced today that the Secret Service is investigating an attack on a server containing personally identifiable information, such as name, date of birth and Social Security numbers, relating to more than 41,000 individuals who may have received services from the District of Columbia Office on Aging. The intrusion came from outside the University from an individual who did not have permission to access the data.

 

The computer server was managed by a Georgetown University researcher as part of a grant to manage information on the various services provided through the D.C. Office on Aging. The grant has been active since 1983 providing a service to help the D.C. Office on Aging track services.

 

Last Friday, February 24, Georgetown University notified the D.C. Office on Aging of the computer intrusion. At that time, Georgetown reported that its internal investigation had confirmed that a computer server used to provide information to the D.C. Office on Aging had been compromised. As a result the university disconnected the computer server from the Georgetown University computer network. This intrusion was initially detected through a routine internal monitoring system administered by the Georgetown Information Security Office.

 

On Tuesday, February 28, 2006 the United States Secret Service took custody of the computer server for forensic testing.

 

At this time Georgetown has no evidence that personal data have been misused. However, Georgetown is making every reasonable effort to notify all individuals whose personal information may have been exposed on the affected server.

 

In the meantime, and as a precaution, Georgetown University and the D.C. Office on Aging suggest that individuals who have received services through DCOA programs should consider placing a fraud alert on their credit reporting accounts, which can be done free of charge.

 

Georgetown has established a toll free phone number 1-866-740-2458 (the toll-free phone number will be activated at approximately 9 p.m. EST this evening, March 3, 2006) and a website ( http://identity.georgetown.edu ) to provide additional information and answer specific questions. Georgetown University is fully cooperating with District of Columbia and federal officials on this matter and regrets this criminal attack on this server.

Edited March 6, 2006 by Luke_Wilbur