UCLA making databases less sensitive, more secure

It was recently discovered that since October 2005, a hacker has been accessing the personal records of 800,000 faculty, students and alumni at UCLA. After UCLA's computer security technicians noticed a suspect number of database queries this November, UCLA CIO Jim Davis has worked to remove sensitive data from common usage, as a means to soften future damage from security breaches. "With 20/20 hindsight, the best way to deal with this kind of situation is not to have Social Security numbers there in the first place," explained Davis. Particularly at issue is the decentralized structure and extreme accessibility of most universities' IT set-ups. Davis explained that "out of hundreds of applications, they found a small vulnerability and found a way to exploit it."

For more on the UCLA case:
- read this article in Time Magazine