Breach, Compliance Management, Data Security, Privacy

University of Alaska breach may have exposed student info

On Tuesday, University of Alaska officials announced an attacker using employee credentials may have accessed student information.

How many victims? Approximately 5,416

What type of information? Names, social security numbers, transcripts, appeals forms, grant award amounts, addresses, and phone numbers were potentially compromised in the breach.

What happened? The breach occurred several months ago after the hacker established a “trust relationship” with a campus employee and then convinced the employee to log into a fraudulent web address using university credentials. Officials said that while student information was stored on a vulnerable network drive, there is no evidence that the information was accessed or stolen.

What was the response? Those who were affected are being offered identity protection services, an insurance policy to reimburse fraudulent expenditures that result from the breach, and complete access to a fraud resolution representative.

Quote: ““There is no evidence that there has been any use or attempted use of information exposed in this incident,” Karl Kowalski, the university's chief technology officer said in a Sept. 6 press release. “The University of Alaska went through a rigorous and thorough forensics investigation to determine whose information was affected.”

Source: University of Alaska press release, The Associated Press    

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.