MSU computers hacked

October 13, 2007

MSU News Service

http://newbillingsoutpost.com/news//index.php?option=com_content&task=view&id=19799&Itemid=27



Montana State University security experts have determined that an unknown hacker remotely accessed a computer server that housed records containing credit card numbers and social security numbers of students who enrolled online for MSU Extended University courses during the last two years.

The data in question were encrypted, and there is no evidence that personal information was stolen. However, the Extended University is sending information by mail to 1,400 people known to have personal information on the server. The letter includes information on how to receive a free credit report, flag a credit file with a fraud alert and monitor accounts for suspicious activity.

"Even though we don't believe any data was stolen, we are treating this as a serious situation and want to alert these students to the possibility that they were affected,. said Cathy Conover, MSU spokesperson.

Persons who suspect their data have been involved, and who do not receive a letter, should contact the MSU Extended University, (406) 994-6550 from 8 a.m..5 p.m., Monday through Friday, or by going to http://eu.montana.edu/security.

The incident does not affect MSU students who enrolled online for courses through the registrar.s office (MSU.s online MyInfo system), nor does it affect those who enrolled in Extended University courses in person or by mail.

Records of people who had registered online for courses and programs through MSU's Extended University going back to October 2005 may have been exposed. As soon as the security breach was discovered, the server was taken offline.

Because no proof exists that data were stolen, the incident is not treated as a criminal matter. However, MSU Police were informed of the event.

Computer servers at many prominent organizations have been breached in recent months, including several large universities and businesses. In nearly all cases, hackers were looking for temporary access to servers in order to send spam e-mails or serve as "warehouses" for downloadable applications.

Extended University is an MSU department that offers continuing education courses and distance degree and certificate programs.

A special Web site http://eu.montana.edu/security contains information about the incident and how to protect against identity theft.

For more information, call the Extended University at (406) 994-6550 from 8 a.m..5 p.m., Monday through Friday.


main page ATTRITION feedback