University of Delaware officials identify cause of cyber security breach

    August 2, 2013

    University of Delaware (UD) officials have identified the cause of the cyber security breach that resulted in the theft of confidential information of 72,000 current and former employees.

    According to the university’s IT Associate Director Karl Hassler, the breach occurred within third-party software.

    “It was a vulnerability of software we acquired from a vendor in the Java programming suite so that was zero-day vulnerability and the hackers exploited that,” said Hassler.

    UD is working with the FBI and a private security forensics firm to identify the hackers.

    • WHYY thanks our sponsors — become a WHYY sponsor

    Damage control and quick solutions

    In the mean time, files containing the names, addresses and social security numbers of 72,000 current and former employees are in the hands of an illegal party.

    The university is offering three years of credit monitoring to those affected.

    Along with credit monitoring, Mark Hufe, director of the Center for Cyber Security at Wilmington University says there are additional steps online users can take to prevent a cyber hack.

    “Secure passwords, keep your antivirus software updated,” said Hufe. “Do all your software updates. Those updates come out because people find vulnerabilities.”

    He also says to look for abnormal wording in emails and never open a suspicious attachment.

    WHYY is your source for fact-based, in-depth journalism and information. As a nonprofit organization, we rely on financial support from readers like you. Please give today.

    Want a digest of WHYY’s programs, events & stories? Sign up for our weekly newsletter.

    Together we can reach 100% of WHYY’s fiscal year goal

    Donate
    Learn about WHYY Member benefits
    Ways to Donate