San Diego man charged over uni hack

A 25-year-old San Diego man has been charged with hacking into the University of Southern California's (USC) online application system and nabbing personal data from prospective students.

On Monday, the US Attorney's Office in Los Angeles filed a criminal complaint against Eric McCarty, a network administrator, for allegedly exploiting a vulnerability in a USC database that hosts and stores student applications. Officially, he's charged with "intentionally transmitting a code or command to cause damage to the USC online application system", according to the US Attorney's office.

Michael Zweiback, an assistant US attorney in the cyber crimes and intellectual property unit, said the case reflects a growing trend among hackers.

Zweiback said: "Universities are becoming bigger and bigger targets to the hacker community because they are large institutions... and hackers always want to see if they can beat the technical people on the other side."

According to the complaint, McCarty allegedly used his home computer on 17 June last year to hack into a password-protected USC database. It contained data on more than 275,000 applicants from 1997 through that time, including Social Security numbers and birthdates. USC shut down the website on 21 June after learning about the hack from SecurityFocus. The site was offline for two weeks.

The FBI, which investigated the breach, found McCarty through the IP number on his home computer.

McCarty faces up to 10 years in federal prison if convicted of computer hacking. He is scheduled to appear in Los Angeles District Court on 28 April.

Stefanie Olsen writes for CNET News.com