Hackers steal thousands of student records from computers at Florida college

The hack at the Northwest Florida State College is believed to be a job by professional outside hackers
  • John Ribeiro (IDG News Service)
  • — 11 October, 2012 02:52

An information breach at a Florida college has compromised information of about 279,000 students and employees, the Florida Department of Education said on Wednesday.

In a statement earlier on Monday, Northwest Florida State College in Niceville said a breach in the security of the college's computer systems had compromised the personal information of some 3,200 current and retired college employees.

The employee data was breached between May 21 to Sept. 24 by outsiders, and the personal information of employees that was compromised included name, birth date, employee direct deposit bank routing and account number information, and Social Security number, the college said.

But by Wednesday, the college reported that it found on further investigation that the incident involved more than 3,000 employee records, some of which contain confidential financial information, about 76,000 Northwest College student records containing personal identification information, and another 200,000 records with information including names, Social Security numbers, dates of birth, ethnicity, and gender for students across the state who were eligible for Bright Futures scholarships for the 2005-06 and 2006-07 school years.

Local, state and federal agencies are investigating the incident, the department of education said.

"While some of the contact information is dated, we will be trying to reach every student whose records may have been captured," said Florida College System Chancellor Randy Hanna in a statement.

At least 50 employees were hit by identity thefts as a result of the breach, college president Ty Handy said in a memo to employees on Monday. Hackers accessed one folder with multiple files on the main server, and were able to piece together the information required for the identity theft by working between files, although no one file had a complete set of personal information regarding individuals, he said.

"We speculate this was a professional, coordinated attack by one or more hackers," Handy added. The college is part of Florida's system of 28 public state and community colleges.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com

Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Audit Management Solutions

Manage the complete audit lifecycle from audit universe identification and risk assessment to management/board reporting and quality assurance.

more »

Submit your own security event

Submit your training courses

Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.

Read More
more »