Over a four-week span, an unidentified hacker could have accessed a compromised Auburn University College of Business server that contained personal information – including Social Security numbers – on close to 14,000 current and former students, faculty and staff.
How many victims? 13,698.
What type of personal information? Names and Social Security numbers are among the information.
What happened? An unidentified hacker compromised an Auburn University College of Business server, which made the personal information accessible for four weeks.
What was the response? Upon discovery, the University patched the vulnerability and launched an internal investigation, as well as hired an outside computer forensics expert to determine the scope of the breach. All impacted individuals are being notified and offered a free year of credit monitoring and identity theft protection services.
Details: Auburn University became aware of the compromised server on Nov. 20, 2013. The hacker may have accessed the compromised server between Oct. 21, 2013, and Nov. 20, 2013. The information primarily involved courses taken by the students and work performed by the faculty and staff.
Quote: “At this time, Auburn has no evidence that the files containing personal information were actually accessed and is unaware of any actual or attempted misuse of this personal information,” according to a statement emailed to SCMagazine.com on Friday.
Source: An Auburn University statement emailed to SCMagazine.com.