The San Francisco Chronicle reported yesterday that officials at the City College of San Francisco discovered a few days after Thanksgiving 2010 that certain computers of the college have been infested with active malware for more than a decade. Up to 100,000 students and 3,000 employees could be affected, and that number may rise based on further, ongoing investigation.
The problem was detected when the college’s data security monitoring service discovered very high traffic and alerted the college. Initially thought to be limited to one computer lab (Cloud Hall at the Phelan Avenue campus), further investigated revealed that the problem was more widespread. The San Francisco Chronicle’s article reported:
Each night at about 10 p.m., at least seven viruses begin trolling the college networks and transmitting data to sites in Russia, China and at least eight other countries, including Iran and the United States, Hotchkiss and his team discovered. Servers and desktops have been infected across the college district’s administrative, instructional and wireless networks. It’s likely that personal computers belonging to anyone who used a flash drive during the past decade to carry information home were also affected.
Investigation continues to determine which other computer networks at the college may have been infected, such as accounting, admissions and/or payroll systems. Apparently, 17 different computer systems are presently being analyzed. The college’s server with medical information appears to be unaffected, although it is unclear whether any other system may also contain medical information (such as the admissions system).
The good news, besides that the college notified those potentially affected in what most would agree was a prompt timeframe, is that there are no known cases of identity theft originating from this extremely lengthy data breach.