The personal data of 800,000 current and former UCLA students, faculty and staff has been compromised by hackers, according to AP reports on Tuesday. Most readers have probably already seen the headline and story, but the incident is worth further discussion because it illustrates what seems to be a new cyber crime tactic- slow, quiet, deliberate action to avoid detection. The attacks on the database began in October 2005 and ended on November 21, 2006. Presumably, the hackers were pulling small amounts of data in an attempt to avoid, or at least delay, detection. There is a corollary with Spam methods, where Spammers have shifted tactics from pushing massive amounts of spam from a smaller number of bot infected PCs, to pushing smaller amounts of spam from a huge number of bot infected PCs. The web thugs are not stupid, nor are their tactics static.