It wasn't an outside hacker that accessed more than 40,000 records at Jacksonville State University (JSU). It was a 17-year-old student.
Just a few days ago, officials from JSU released a statement regarding the hack. "The university learned on Feb. 23 that a peripheral system with limited information was accessed on campus and placed online. The compromised information was the result of an internal security violation and not the result of an external 'hack,' as reported by sources."
The statement went on to say, "Those impacted by this security violation include students who have been accepted for admission. We have no evidence that Social Security numbers, credit cards, or any other banking information has been accessed."
Currently, the suspect remains unnamed. But, we do know that authorities have arrested a 17-year-old male. The charges are listed as "criminal computer tampering".
Vinson Houston, JSU's head of information technology, explained that the suspect accessed the university's private records using the login credentials of a staff member. Whether or not that information was stolen by the student, or given to him by the faculty member, is still being investigated by authorities. Once the student gained access to the records, the information of students and faculty members was posted online, including images, addresses, phone numbers and even birth dates.
The fact that a teenager was able to steal the identities of so many individuals clearly identifies a major problem. Officials at JSU are working to correct the vulnerabilities in their system, but what about the students and faculty members who were impacted?