University students have been warned to watch out for anyone trying to steal their identity after a computer server holding personal information was hacked.
An email sent this week by Stephen Whiteside, at the University of Auckland, said unauthorised parties had accessed a single server holding information such as name, date of birth and contact details of students, but not financial data.
A specialist computer security firm was examining the breach to find out what data had been accessed and how the hack could have happened.
"We stress that currently there is no evidence that your personal information has been accessed," the email said.
"Nonetheless, the university suggests that you carefully monitor activities based around your identity in the unlikely event there is an attempt to use this information in a malicious way."
The warning email was sent this week despite the breach happening three weeks ago.
A statement from the university said the server - which was separate to the main computer system - was immediately blocked by IT staff when the breach was found.
"As a precaution the limited number of students on whom the server held information have been individually notified," the statement said.
"We are still determining how the hacking occurred and will be taking steps to prevent a recurrence."
Danny Toresen, director of private investigator firm Thompson & Toresen, said personal information such as name, date of birth and contact details were useful for identity theft, but in reality the security risk is minimal.
"That information is not hard to find and not as valuable as, say, credit card details, which could be sold to gangs overseas."
He said that the breach at the university sounded like "penetration testing", in which IT consultants try to "prove their worth" by exposing weaknesses in computer systems and then ask for work to tighten up security.
"It's also a criminal offence and easily traceable."
University warns students on hacking
AdvertisementAdvertise with NZME.
