Officials started an investigation Oct. 1 after learning that two UGA workers’ passwords were reset by someone other than them as early as Sept. 28. Both the employees worked in information technology with access to others’ records.
The intruder then used those workers’ accounts to look into UGA’s personnel record-keeping system, a UGA official announced Friday.
“This appears to be a planned intrusion by someone who knew enough about our operations to know which accounts to attack and where the sensitive information was located within the system,” UGA Vice President for Information Technology Timothy Chester said in an email distributed to UGA employees. “It is clearly a criminal act of computer trespass, and we are working with UGA Police to investigate.”
The accessed data includes names, Social Security numbers and other personal information.
Investigators don’t yet know who broke into the system, nor whether they stole information or used it in any way, said UGA Vice President for Public Affairs Tom Jackson.
The UGA Police Department’s three-person computer forensics team is investigating the break-in, Jackson said.
Chester said all current and former UGA employees should be on guard against identity theft. UGA will also provide credit monitoring for those affected by the breach and who request help.
Using email or U.S. mail, university administrators will contact anyone whose records might have been accessed, to the extent that they have addresses for them, according to the UGA announcement.
UGA workers should try to make it hard for an intruder to get into their personal accounts; whoever got into the UGA system have had an easy time outwitting the “secret question” that is part of the security system for UGA’s MyID information system.
“It is important that employees also take steps to make sure their MyID information is secure,” Chester said. “Make your secret question and answer pairs impossible to guess. Don’t use questions to which the answers may be found on your ... Facebook page.”