UCLA Didnt Study for Security Test | eWeek

UCLA Didnt Study for Security Test

Écrit par
eWEEK EDITORS
eWEEK EDITORS
Apr 30, 2012
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

As a recent graduate of the university of California, Los Angeles, I was one of the “lucky” 800,000 who received an e-mail from the university last week. Most of the correspondence I get from UCLA relates to alumni donations, but this e-mail was different: It alerted me to the fact that my identity is at risk.

UCLA announced on Dec. 12 that a hacker had gained access to a restricted campus database that contained personal information about current and former students, faculty, and staff. Information such as names, Social Security numbers, home addresses and dates of birth was stored on the affected database.

“I regret having to inform you that your name is in the database,” stated Norman Abrams, acting chancellor of UCLA, in the e-mail. “While we are uncertain whether your personal information was actually obtained, we know that the hacker sought and retrieved some Social Security numbers.”

If its not obvious by now, hackers are less interested in gaining notoriety and more interested in making money.

Weve been saying for years now that IT managers can no longer consider their networks truly impenetrable, no matter how many safeguards they put in place. The databases in IT managers care must therefore be under constant watch.

Put another way, if the network is no longer a walled fortress, then security managers need to employ the tactics of a beat cop. So says Alan Norquist, vice president of marketing at security company Imperva. Database usage needs to be monitored, and IT managers need to develop profiles that will look for out-of-the-ordinary database queries, Norquist adds.

Yes, its convenient that Impervas software does just that. But Norquist has a good point—and its one that, clearly, not enough IT managers are taking to heart.

UCLAs Abrams said in the now-infamous e-mail, “We have a responsibility to safeguard personal information, an obligation that we take very seriously.”

Easy to say, but that means keeping a closer eye on whats happening on the inside.

Technical Analyst Victor Loh can be reached at victor_loh@ziffdavis.com.

WWWeb Resources

Watch out!

UCLA identity alert

www.identityalert.ucla.edu/index.htm

Weakness in numbers

Total number of privacy breaches since 2005

www.privacyrights.org/ar/ChronDataBreaches.htm

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.