North Dakota State College of Science (NDSCS) is notifying more than 15,000 current and former students and employees that malware was discovered on numerous computers that contained their personal information – including Social Security numbers.

How many victims? More than 15,000. 

What type of personal information? Names, mailing addresses and Social Security numbers.

What happened? Malware was discovered on a number of NDSCS computers – which contained the personal information – in Wahpeton and Fargo.

What was the response? The computers involved in the incident were secured. NDSCS is updating login information on administrative systems, installing additional monitoring and scanning software on individual computers and servers, and is implementing an encryption process to lock files on employee computers. An audit of NDSCS technology systems is being conducted. All impacted individuals are being notified, and offered a free year of identity protection services.

Details: The malware was discovered on Sept. 1. Current information indicates the malware was on some NDSCS computers in mid-August 2014. Based on a forensic investigation, the malware was likely intended to be used on the affected computers to launch attacks on other computers and systems.

Quote: “We have found no evidence that any unauthorized individual accessed or is using the personal data,” Cloy Tobola, chief information officer with NDSCS, stated in the release posted to the NDSCS website.

Source:, “NDSCS reports malware activity found on Wahpeton and Fargo computers,” Oct. 9, 2014.