“March 16, 2004: Computer Security Incident
While investigating a computer server sending spam e-mail messages, the
Information Technology Security Office at San Diego State University
discovered computer intruders had circumvented departmental server
security and gained illegal access to a file server in the Office of
Financial Aid and Scholarships.
The initial investigation revealed that the intruders had used the server
for file transfers (including MP3 music files) in addition to sending spam
e-mail. The illegal entry also gave the intruders the opportunity to view
various Financial Aid reports stored on this server. The compromised
server was not the Financial Aid database, which means the intruders did
not have access to aid application or award data. However, some of the
reports and files stored on this system included the names and Social
Security numbers for more than 178,000 individuals”