The information was exposed when a hacker managed to breach the HuskeyDirect.com database, which has billing information for about 18,000 customers who use the site to buy Husky-branded sports items from the UConn Co-op. The Co-op acts as the university's bookstore but is a run as a separate, member-owned non-profit group.

The information includes names, addresses, e-mail addresses, credit card numbers, expiration dates and codes.

The retail site is managed for the co-op by an unnamed third-party vendor. It was this vendor that alerted the co-op about the attack, according to a on Jan. 11. 

In a separate FAQ, the co-op says the Web site vendor reported that the hacker had compromised an administrative password to gain access to the encrypted credit card data. "The hacker appears to have unencrypted that data," according to the .