14 DAY TRIAL // Cybercriminals could have stolen the personal details of 15,000 University of Wisconsin-Parkside students with the aid of malware planted on one of the educational institution’s servers.
According to a report published by the university on Thursday, the breach was discovered on March 16 when Campus Technology Services staff identified a piece of malware on a server during routine maintenance procedures.
The server in question contained the names, addresses, phone numbers, email addresses and social security numbers of 15,000 students. The impacted students are ones who have been admitted or enrolled at the University of Wisconsin-Parkside since fall 2010. Affected individuals are being notified via email and U.S. mail notifications.
The breached server was shut down shortly after the intrusion was detected. UW-Parkside Police and Public Safety Department, and University of Wisconsin System legal counsel have been notified. Security company 403 Labs, a Division of Sikich LLP, has been called in to investigate the incident and determine the full extent of the breach.
It’s uncertain who has planted the malware, but after the initial investigation, there’s no evidence that the attackers have downloaded names or social security numbers.
While there’s no indication that the cybercriminals want to steal identities, as a precaution, impacted students are being notified and instructed to take the necessary steps to protect their identity and their bank accounts.
“UW-Parkside takes the security of all data, especially the personal information of its students, extremely seriously. We apologize for any concern this issue may cause the students and their families potentially affected,” stated Ilya Yakovlev, UW-Parkside chief information officer.
“We believe the chance of sensitive data falling into the wrong hands is remote. At the same time, we have a responsibility to move quickly, conduct a thorough investigation, and ensure that this does not happen again,” Yakovlev added.
UW-Parkside students who want additional information on the incident can call the helpline number set up by the university (888-766-2712) or send an email to [email protected].
Universities are often targeted by cybercriminals because their servers store large amounts of sensitive information that can be used in fraud schemes.
The latest incidents are the ones involving the University of Maryland and the North Dakota University System. In the case of the North Dakota University System, hackers gained access to a server storing the details of 290,000 people.
However, a couple of days ago, the organization’s officials revealed that no file or personal information was compromised.