Hackers claim to steal 110,000 SSNs from Tenn. school system

Close to 9,000 SSNs belonging to students, employees publicly posted

By , Computerworld |  Security, privacy

Meanwhile, Identity Finder, a New York-based company that provides software for redacting, deleting or otherwise protecting Social Security numbers and other sensitive data from laptops and desktop computers, said Tuesday that it has discovered close to 9,000 unique Social Security numbers related to the breach.

Of those, 4,942 numbers appear to belong to school district employees and 3,977 are those of students, the company's chief privacy officer Aaron Titus said Wednesday. In all cases, the full names and student IDs or employee IDs of those affected were also released. About 1,300 of the records also contained the gender and dates of birth of the students. The files containing the information appear to have been taken offline by authorities, he said.

According to Titus, Identity Finder has been keeping an eye out for the information since June 6, when a hacker the company monitors tweeted about plans to release more than 100,000 state records. The hacker later posted redacted images of files obtained from the CMCSS system but initially vowed not to publicly release the information.

That changed in less than 24 hours, and the information was publicly released, Titus said. Titus said he contacted Clarksville police on Sunday after discovering the information posted online.

"Clarksville's response is to be commended," Titus said. "They were very responsive and took every reasonable precaution once they knew they had a problem," he said. It's unclear if the hackers plan to release any more of the information they claim to have purloined, he added.

A Twitter account that appeared to belong to Spex Security seemed to reflect some uncertainly on the part of the hackers after the incident. Three hackers who appeared to have been behind the intrusion and release of information at CMCSS claimed they were retiring from black hat hacking and had become white hat hackers instead.

"We are gone! Tada" one tweet proclaimed, only to be followed by another one a few hours ago, announcing, "We're back."


Originally published on Computerworld |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

SecurityWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question