CNET también está disponible en español.

Ir a español

Don't show this again


Report: Ohio University was warned years ago about poor security

Three years before Ohio University discovered that the school's computer systems were essentially a security-free zone, administrators were warned that pilfering student information was easy.

Jeremy Valeda was an Ohio University senior in 2002 when he snatched Social Security numbers, grades and information about tuition payments belonging to four members of the school's then Student Senate executive board. He said he wanted to demonstrate how porous the university's computer system was, according to a story published last week in The Athens (Ohio) News.

The school apparently failed to heed Valeda's warning. Last month, Ohio University announced that hackers had repeatedly broken into at least three of the school's servers. One of the servers was compromised for at least a year and possibly for much longer.

The information compromised included Social Security numbers for 137,000 individuals. Some health records were also likely exposed to the data thieves.

School administrators did not respond to interview requests

Back in 2002, Valeda was removed from his job as information systems manager for the Student Senate after reporting that he accessed the students' personal information, according to The Athens News. The school said at the time that Valeda was replaced for not doing his job, according to news stories.

"What I told them three years ago was going to happen is happening," said Valeda in the News' story. "The obvious thing is they had all this information and knew this was going to happen."

Valeda said that besides accessing the information, he could have altered grades.

The university has said an investigation into the recent illegal entries is ongoing and that the school is undertaking a major upgrade of system security.