U-Va. Officials Announce Database Breach - washingtonpost.com: "Hackers have been breaking into a University of Virginia database that included Social Security numbers and other personal information about faculty members over the past two years.

School officials announced the security breaches yesterday, about a week after they discovered that, on 54 days between April 2005 and April 2007, someone broke into the records for more than 5,700 faculty members. Officials warned professors to carefully watch their financial accounts and have offered a year of free credit monitoring to everyone affected.

'I'm concerned about it,' said professor Brandt R. Allen, whose data were exposed. He said he had already been a little worried about online security: 'We probably have a lot more breaking and entering than people realize.'

Many schools have had similar problems, and many have changed the types of personal information they store. U-Va. was in the process of moving from Social Security numbers to university-issued identification numbers, spokeswoman Carol Wood said. The theft brings greater urgency to that effort.

Hackers got into an academic Web site that mistakenly included the database of professors' information, officials said.

The database included names, Social Security numbers and dates of birth, but not financial information such as credit card numbers or bank accounts. No students or non-faculty staff members were affected.

When officials sent out e-mail alerts, the names got mixed up, and the school had to send follow-up messages and post a clarifying note online: 'If an e-mail came to your address, your information has been exposed -- even if the name in the salutation is not yours.'

That did not inspire confidence, Allen said.

"

(Read Original Article - Via washingtonpost.com.)