George Mason University detected a malware intrusion into its travel booking system on July 16. No personal information is thought to have been viewed, but the incident could have affected up to 4,400 users.

How many victims? 4,400 users of George Mason University's travel request system 

What type of personal information? The system stored names and Social Security numbers, although they aren't believed to have been accessed or viewed, Marilyn Smith, vice president for IT and CIO, said in an interview with

What happened? An unauthorized party might have used malware to access information stored in the university's Travel Request Service application, which is used to help faculty, staff, students, candidates, guest speakers and others book travel that the university will subsidize.

What was the response? The university sent out letters to affected users, opened a help line, and is offering complimentary one-year membership to ProtectMyID, which detects misuse of victims' personal information. It also deleted all Social Security numbers from its system.

Details: An investigation into the incident showed no evidence of any information being accessed or viewed by an unauthorized party, but it also didn't confirm whether or not unauthorized access into the system occurred.

Source:, “George Mason Letter to Consumer,” 2014