Now
Fair
13°
High
32°
Low
24°
Full Forecast

Jobs

Cars

Homes

Rentals

Alerts

Subscribe
Home > Local
Bookmark Us   •   Make Us Your Homepage

Hacker breaks into Treasurer's Office

Comments 4 comment(s)  
E-mail Story E-mail Story
Print Story Print Story
Share  Share
Text Size: 
Tools Sponsor

By NATE JENKINS / Lincoln Journal Star

Thursday, Jun 29, 2006 - 09:28:16 pm CDT

Personal and financial information of more than 300,000 people may be in the hands of a hacker following a Wednesday break-in of the state computer system that processes child-support payments.

A preliminary investigation of the incident suggests that the hacker did not download the information, said State Treasurer Ron Ross. But the possibility does exist.

“Based upon the method of attack, it is more likely the hacker’s intent was not to steal information, but rather to do something malicious since the hacker inserted a virus onto the server, which we immediately removed,” Ross said.

Story Photo
Ross

The child-support payment system was centralized in the treasurer’s office five years ago and now processes $1 million in transactions daily. Identity information potentially stolen by the hacker, which investigators believe may be based outside the U.S. and possibly in Asia, includes: names, addresses, bank account numbers, social security numbers and tax identification numbers.

 Roughly 300,000 individuals and 9,000 employers may be affected. Ross said it was the first time the computer system, called KidCare, had been hacked. He was not aware of similar security breaches in other states.

The break-in, which Ross said lasted about 40 minutes, was detected by an employee after coming to work Wednesday morning. The system is not monitored 24 hours a day by a person.

The State Patrol has initiated a full investigation that could include help from the FBI and other agencies. Ross pledged to “get to the bottom of it” and implement new safeguards to prevent future break-ins. But that won’t likely include round-the-clock monitoring of the system by a person.

“I don’t think we’re at a point in government we want somebody standing by a computer screen 24-7, but we do need protocols in place,” Ross said.

“We thought we had good safeguards...somebody got in a door we didn’t think they’d be able to get into.”

The hard drive and server affected by the breach were immediately replaced.

Unlike many arms of state government, the child-support system is not part of the state’s centrally controlled computer system, said Brenda Decker, chief information officer for the state. The incident will prompt state officials to take a closer look at whether it should be.

“We’re working with the State Patrol to see if we can make this as secure and hardened as the rest of the system,” Decker said.

Asked during a press conference if the child-support system had the best available security system, Ross said he believed it did.

Those who pay or receive child-support should closely monitor their bank accounts, and are advised to close them if the see suspicious activity.

Reach Nate Jenkins at 473-7223 or njenkins@journalstar.com.


$1 Sunday Delivery - Subscribe Today!
Local > Back to Top of Story

Post Your Comment

Standards and Rules
All posts to JournalStar.com are subject to our Terms and Standards.
Your posted comment will appear after it has been approved.
Frequently asked questions about story commenting.
(optional)
   
Hide Comments Hide Comments   Newest First Newest First  
Bad luck wrote on June 29, 2006 12:08 pm:
" I think Ron Ross is doing an admirable job in a deplorable position. He told us quickly, so at least we can check our accounts and get a credit report. However, they'd better get a grip on info control. "

 Brian wrote on June 29, 2006 1:01 pm:
" for as much as they get paid, and as smart as they think they are...dont you think the IT people could run a secure network? Firewalls do work...may want to look into it "

 luvwknd wrote on June 29, 2006 1:13 pm:
" I am a 20 year IT veteran and when I lived in Lincoln I continously applied for state IT jobs and was continously turned down, why? I have no idea; however I have performed contract IT work for the State of Nebraska and I was appalled at the skill level of the people the state had hired to facilitate positions that I was turned down for. All I got to say - it serves the State of Nebraska right for hiring such incompetent IT employees! "

 ET wrote on June 29, 2006 1:21 pm:
" Wow. A system that processes hundreds of millions of dollars' worth of transactions per year, is not monitored 24/7. Of course, to get 24/7 monitoring in, I suppose we'd need to add $56 million to the budget and hire 143 employees to do it, after 24 years of planning, 6349 consultants and 945 million meetings. Good grief people! "

Ads by Yahoo!