The university disclosed that in June 2018 whilst testing its servers for vulnerabilities it discovered a log that revealed an intrusion between April 2008 and January 2009. Intruders had gained access to a database stored on one of the university's servers. The university said that because it had happened a while before they did "not have much more information about how it occurred".
The exposed data included names and Social Security numbers and, in nearly all cases, dates of birth. In many cases, there were also university e-mail addresses and, in some cases, physical addresses. No financial information was breached.
Want to discuss this case? You can purchase a 30 minute conference call with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:
We've done the analysis so you can make the decisions