14 DAY TRIAL // Administrators at the Concordia University in Montreal, Canada, discovered hardware-based keyloggers on a few terminals at two of their libraries.
The devices were found on express workstations located on LB2 in the Webster Library and on express workstations located in the Vanier Library on VL1.
University staff discovered the incident when they moved the express workstations in the Webster Library from LB2 to LB3 in February 2016.
Only library express workstations were affected
Express workstations are computers open to public use for a maximum period of ten minutes. Because of this limited lifespan, most students use them for quick searches or to quickly check their email, banking, or university accounts.
A hardware-based keylogger is a device installed between the computer port and the termination of a keyboard's cable. The device captures all keystrokes entered via that specific keyboard and stores them for later analysis.
Once the devices were discovered at the University, staff members removed them, pulled the workstations for in-depth analysis, and conducted a visual inspection of all other PCs.
Concordia also notified local Montreal police and has issued a statement surrounding the incident on its website, alerting its students.
Students, staff members urged to change passwords
The University says that the 272 laptops on loan to students and personnel and the other 432 library workstations are not affected by the incident.
Management is urging students and staff who have used the affected workstations in the past 12 months to change the passwords for the accounts they logged into, and especially the password for their MyConcordia profile.
Those who want to file criminal complaints can do so in person at Concordia’s Security Department on their two campuses.
To avoid any complications, the University is recommending that affected victims should notify government agencies of the potential for fraud on their accounts and activate a fraud alert with a credit reporting agency.
