Roughly 15,000 University of Wisconsin-Parkside (UW-Parkside) students are being notified that their personal information – including Social Security numbers – may have been compromised by hackers who installed malware on a server.
How many victims? About 15,000.
What type of personal information? Names, addresses, telephone numbers, email addresses and Social Security numbers.
What happened? While performing routine maintenance, UW-Parkside technology services staff discovered malware on a university server that contained the personal data.
What was the response? Upon discovery, the server was immediately shut down and the breach was reported to law enforcement. An investigation was launched and aided by a computer security consultant. The university is notifying all impacted students.
Details: UW-Parkside first became aware of the malware on March 16. Impacted students were admitted or enrolled in the university beginning in fall 2010. Investigators have reason to believe the attacker's motive was not identity theft, and said there is no evidence that the information has been copied.
Quote: “We believe the chance of sensitive data falling into the wrong hands is remote,” Ilya Takovlev, chief information officer with UW-Parkside, said in a notification. “At the same time, we have a responsibility to move quickly, conduct a thorough investigation, and ensure that this does not happen again.”
Source: uwp.edu, “Data Security Personal Information Notification,” March 27, 2014.