http://www.azstarnet.com/metro/244816
By Howard Fischer
Capitol Media Services
Tucson, Arizona
06.21.2008
PHOENIX - The computer systems at all three state universities are
vulnerable to online attacks and hacking, the state Auditor General's
Office has concluded.
In a report released Friday, Auditor General Debbie Davenport said her
staff was able to access sensitive information in university computers
by exploiting weaknesses in their security systems.
Davenport said auditors selected 35 of 205 significant Web-based systems
for testing. All of those applications, she said, had commonly found
security weaknesses.
From that list, auditors checked six to find out exactly what someone
with unauthorized access could do.
In one case, Davenport said, her staffers were able to obtain more than
10,000 records that included names and Social Security numbers. They
also accessed other records with student and employee identification
numbers, addresses, phone numbers and e-mail addresses. "These flaws
could also be used to modify and delete data in the databases,"
Davenport reported.
In two other cases, she said auditors were able to access "high-level
accounts" in which someone could not just view, but also change,
sensitive student and employee information.
[...]
Received on Mon Jun 23 03:38:28 2008