UNASKED QUESTIONS 4
posted by James Reel
Both the Arizona Daily Star and the Tucson Citizen today report on the University of Arizona’s computer security breach, as detailed in a memo e-mailed to the campus community yesterday by UA executive VP and provost George Davis. Wrote the provost, in part:
Last week, The University of Arizona detected unauthorized access into computer systems on campus, which temporarily has affected some services in three areas. Those areas include Procurement and Contracting Services (PACS), the Student Union and University Libraries.Both newspaper reporters made some calls and got some quotes, not just parroting Davis’ memo, and that’s good. But neither one connected a certain pair of dots. Earlier yesterday, Davis circulated another announcement (dated Jan. 5):
So far, no additional breaches have been confirmed, although we continue to scan systems throughout campus. The University first confirmed the unauthorized access January 2, 2007; some servers and computers appear to have been illegally breached at different times in November and December. Hackers installed software to store files (such as movies or games) on the systems, and may have attempted to access other information. At this point, no evidence exists that data actually were accessed in any way and no evidence exists of theft, including data theft, money theft or other.
After 5 years of service, Professor Sally Jackson has asked to be relieved of her duties as Vice President for Learning and Information Technologies and Chief Information Officer (CIO) of The University of Arizona. In consultation with Sally and with President Shelton, I have decided to make this change effective immediately. From now until June 30, 2007, Sally will be serving as Senior Associate to me on core projects in Academic Affairs, following which she will return to her faculty position as Professor in the Department of Communications.That memo continues with the usual comments about Jackson’s fine achievements and how somebody will probably hold a reception in her honor, eventually. Now, the question the newspaper reporters should have asked Davis is this: Is there any connection between the computer breach and Jackson’s request to step down? After all, Jackson’s purview has included the UA computer network. Maybe she’s being punished (or voluntarily falling on her sword); maybe there’s no connection at all. But the reporters should at least have asked, and included in their articles the official answer, even if it was “absolutely not” or “no comment.”
