The University of Central Florida is the latest educational institute to suffer from a data breach, putting the social security numbers of over 63,000 individuals at risk.

The Social Security numbers and names of both current and former students, as well as employees and staff, have been stolen by hackers, as stated by officials Thursday, February 4.

According to Joel Hartman, Supervisor of the university’s IT Department, UCF first noticed that someone had accessed the administrative systems on January 8, but then realized on January 15 that the data breach affected a much larger number of people than once thought.

Those impacted by this breach include:

  • 600 Current Student-Athletes
  • Former Student- Athletes Who Last Played Sports In 2014-2015
  • Study Staff Manager For The Teams & Other Related Positions
  • Current UCF Employees
  • Past UCF Employees Dating From 1980-Present
  • Undergraduate Student Employees
  • Graduate Assistant
  • Housing Resident Assistant
  • Adjunct Faculty Instructors
  • Student Government Leads
  • Faculty Members Who Were Paid For Teaching Additional Classes

The University has stated that no credit card information or grades have been compromised, but other information in addition to Social Security numbers & names like student and employee ID numbers have been stolen as well.

While the delay in notifying victims is currently unknown, those who are affected are being sent letters in the mail Friday, and in the meantime are asked to visit UCF Data Security web page for additional information. 

The perpetrator is still unclear, but the University feels it was likely executed by multiple individuals over time. At this time, there is no evidence that someone has attempted to use this information for identity theft, fraud, or any other financial means.

While UCF has not confirmed that a hacker gained access to the database through ‘phishing’, generally hackers do this quite easily and trick an employee into opening and logging into a fake server to get the user’s name & login information.

Education institutes hold a treasure trove of information, from financial data and health records to social security numbers and grades. Holding this sensitive personal information means these institutes have various different compliance requirements to fulfill, and if not compliant, can be placing the information of thousands of individuals at risk.

Hackers are becoming more and more sophisticated with their means of attack and these institutions should remain vigilant and alert when it comes to securing this sensitive personally identifiable information. Making sure your system is hardening & vulnerability free, coupled with Continuous File Integrity Monitoring and Breach Detection & Host Intrusion Detection will help protect your IT estate against a malicious attack.


For helpful tips on how to avoid falling victim to a phishing scam, click here to read "Batten Down the Hatches! Looking at Ways to Enhance Protection Against Ransomware, APTs, and other Phishing Malware"



NNT Products
USA Offices
New Net Technologies LLC
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
email [email protected]
UK Office
New Net Technologies LLC
Rivers Lodge
West Common

Tel: 01582 287310
email [email protected]
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
CIS benchmarking SEWP Cybersecurity 500 Sans Institute
Copyright 2017, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.