On Tuesday, University of Alaska officials announced an attacker using employee credentials may have accessed student information.
How many victims? Approximately 5,416
What type of information? Names, social security numbers, transcripts, appeals forms, grant award amounts, addresses, and phone numbers where potentially compromised in the breach.
What happened? The breach occurred several months ago after the hacker established a “trust relationship” with a campus employee and then convinced the employee to log into a fraudulent web address using university credentials. Officials said that while student information was stored on a vulnerable network drive, there is no evidence that the information was accessed or stolen.
What was the response? Those who were affected are being offered identity protection services, an insurance policy to reimburse fraudulent expenditures that result from the breach, and complete access to a fraud resolution representative.
Quote: ““There is no evidence that there has been any use or attempted use of information exposed in this incident,” Karl Kowalski, the university's chief technology officer said in a Sept. 6 press release. “The University of Alaska went through a rigorous and thorough forensics investigation to determine whose information was affected.”