[BreachExchange] University of Alberta students, faculty members notified of potential data breach

Audrey McNeil audrey at riskbasedsecurity.com
Fri Jan 6 13:55:29 EST 2017


http://www.cjob.com/syn/98/173258/universty-of-alberta-
students-faculty-members-notified-of-potential-data-breach

The University of Alberta said Thursday it has reached out to more than
3,000 people whose university passwords were potentially at risk after a
malware incident in November.

On Nov. 22, malware – a type of malicious software that tries to infect a
computer – was detected on 287 U of A computers in the Library Knowledge
Commons and in the Centennial Centre for Interdisciplinary Science.

A police investigation found malware on 17 additional computers in labs and
classrooms in the Computing Science Centre.

The malware had the potential to steal password information, but the
university said attempts to do so were not successful.

On Nov. 23, the university sent an email to 3,304 students and faculty
members whose passwords were potentially at risk. They were asked to reset
their passwords. On Dec. 8, 19 more people were notified of the potential
risk.

The university said it was not able to make the potential security breach
public until now because of an ongoing police investigation.

“All individuals potentially affected by the information security incident
were advised promptly and in accordance with the university’s procedures
and best practices,” the university said in a campus-wide notification.

The university said its Information Services and Technology (IST) unit
developed controls against the malware and ensured the school’s computer
systems are safe and secure.

The university believes someone with direct access to the computers
installed the malware, which was discovered by the university’s IST unit.

The incident remains under investigation by the EPS.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170106/cd6fce1d/attachment.html>


More information about the BreachExchange mailing list