Students

ISU Security Breach Exposes SSN’s of 30,000 Students

By Staff Reporter

Apr 23, 2014 09:18 AM EDT

The security breach at Iowa State University Tuesday probably exposed social security numbers of students enrolled between 1995 and 2012.

The Information Technology Services said that the breach occurred in the servers of five departments (computer science, world languages and cultures, materials science and engineering) that contained 29,780 social security numbers and 18,949 student university Ids that do not have any use beyond the Ames campus. There was no financial information in the affected servers.

Two other servers (agricultural and biosystems engineering, and materials science and engineering) were also hacked but they did not contain any personal information.

University authorities said that the servers were hacked by an anonymous person, who planned to create bitcoins.

"We don't believe our students' personal information was a target in this incident, but it was exposed," Senior Vice President and Provost Jonathan Wickert said in a statement. "We have notified law enforcement, and we are contacting and encouraging those Social Security numbers were on the compromised servers to monitor their financial reports."

The University authorities discovered the unauthorized access late February and confirmed the breach March 17. Wickert said that they corrected and fixed the servers as soon as they found out, Quad City Times reports.

Annette Hacker, director of ISU News Service, said that until now they haven't found any evidence of information being used for illegal purposes. The five compromised servers were made by Synology that had previously reported similar attacks involving other users.

The university is offering a year free of credit monitoring and has hired AllClear, an identity protection firm, to help affected students.

The university has removed the damaged servers and taken similar servers off the internet to update them with hacking prevention software, Press-Citizen reports. They are planning to immediately implement its new "data collection policy," which provides for superior security standards and guidance, the Gazette reports. Tough password standards will also be introduced across all networks and mobile computers.

"Iowa State is not immune to hacking, but we are disappointed and sorry for the inconvenience this incident may cause," Wickert said. "We will continue to take every possible action to safeguard the personal information of those who learn and work here."

Tags isu, security, breach, ssn, students, Iowa State University, technology

Join the Discussion

Special Report

ISU Security Breach Exposes SSN’s of 30,000 Students

Pitzer College President Declines Call for Full Divestment From Israeli Universities, Emphasizing Commitment to Academic Freedom and Value of Intercultural Understanding

Continued Minority Underrepresentation Among Black and Hispanic Faculty in Higher Education Exists, GAO Study Finds

Arizona Governor Signs Bill Allowing Students to Opt Out of Funding Certain Student Organizations

Kansas Board of Regents Prohibits Universities from Requiring Diversity Statements

Department of Education's Threat To Shut Down Largest Christian University Sparks Controversy

House Committee Advances Bills Targeting 'Political Litmus Tests' in Higher Education

Highly Successful Learning Programs Explained: Study Reveals 3 Upskilling Areas and Their Impact to Workers

Breaking the Cycle: How to Overcome Adult Movie Addiction