SAN FRANCISCO (KCBS) – The personal banking data from thousands of City College of San Francisco students, faculty and staff may be at risk because of a virus that infiltrated one computer lab – perhaps years ago.
Incredibly, the breach was only discovered recently – over the Thanksgiving holiday weekend.
KCBS’ Holly Quan Reports:
What’s most disturbing isn’t that the IP addresses identified as receiving transmissions belong to the Russian Mafia – according to to City College’s chief technology officer David Hotchkiss – it’s that the system set up to protect the computer network was so full of holes that it’s anybody’s guess how long the data had been vulnerable.
When Hotchkiss arrived on the job 18 months ago, he was flabbergasted to discover the passwords had never been changed. Work continues to figure out just how damaging the malware has been.
“We know that some banking information resided on the servers,” he explained. “We never said that we knew for a fact that any information has been taken. We just know that there’s been transmission communications from our network out to the overseas IP addresses. What’s contained in them, we don’t know yet.”
It’s a sobering reminder to any educational institution that even during an economic climate that dictates financial cutbacks, computer security is a must.
“There’s a huge conveyor belt of cybercrime out there,” warned Graham Clunley, senior analyst at the security firm Sophos. “You can’t scrimp on this anymore.”
(Copyright 2012 by CBS San Francisco. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed.)