Christopher Andrew Phillips, 20, turned himself in to the U.S. Secret Service in Austin early Friday. He was charged with unauthorized access to a protected computer and using the identification of another person with intent to commit a federal offense.
Phillips wrote and executed a computer program that allowed him to gain unauthorized access to a database at the university and download thousands of names and Social Security numbers, according to the complaint.
Secret Service Agents searched Phillips' residences in Austin and Houston and seized several computers March 5, U.S. Attorney Johnny Sutton said. They recovered the data and the computer program at Phillips' Austin home, he said.
At this point, Sutton said, there is no indication that the stolen data was further disseminated or used to harm anyone. He said, however, that persons directly affected by this should remain alert for possible misuse of their personal information.
"We are very pleased that this was concluded quickly," said Don Hale, vice president of public affairs at the University of Texas.
Computer logs indicated the information was stolen over a five-day period that began Feb. 26, according to UT officials. The university has set up a Web site with more information: utexas.edu/datatheft.
UT officials said the computer breach could have been prevented with basic precautions and they are redoubling security measures and plans to phase out most uses of Social Security numbers on Austin campus.
"We have had an effort for some time to make our campus network more secure," said Hale. "What this (incident) does is bring it to greater attention on campus. The importance of a secure computer system."