2 min read

Butler University data breach victims stretch back over 30 years

Graham CLULEY

July 01, 2014

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Butler University data breach victims stretch back over 30 years

Some 163,000 people are receiving letters through the mail right now, and it’s not good news.

Butler University in Indianapolis has the unpleasant task of informing students, alumni, faculty, staff and even past applicants who never even attended the university, that their personal and financial information has been stolen by hackers.

The letter, signed by University president Jim Danko, offers some details of how it came to discover that it had been hacked and the nature of the stolen information:

On May 28, 2014, Butler University was contacted by Californian law enforcement and alerted to an identity theft investigation in which the suspect had in his possession a flash drive containing the personal information of certain Butler University employees. Upon learning of this, Butler University immediately notified the affected employees and launched an internal investigation. This investigation revealed that this personal information could have originated from unauthorized hacking into Butler University’s computer network between November 2013 and May 2014. Third-party computer forensic experts were retained by Butler University to confirm these findings and to identify the full extent of data potentially exposed as a result of this incident, While these investigations are ongoing, we have determined that files containing your name, date of birth, Social Security number, and bank account information were accessible to the hacker(s) during this time period.

The letter goes on to promise a year’s complimentary identity theft protection. But what people really wanted was for their information to be properly secured in the first place (or safely wiped when no longer required).

After all, what happens if the bad guys take over a year to exploit the information? Presumably Butler University’s fig leaf of 12 months’ protection isn’t going to be much help then.

The letter has confused some recipients, who suspected that it might be a scam.

Sadly, it isn’t.

According to the Indy Star, Butler spokesperson Marc Allan confirmed that even people who graduated as far back as 1983 could have had their information exposed by the security breach.

1983. Let that sink in for a moment.

That’s over 30 years ago. 1983 was when a young Matthew Broderick and Ally Sheedy hacked into military computers in the movie “WarGames” for heaven’s sake.

That’s a lifetime ago.

What are the chances that Butler University still has up-to-date addresses for all 163,000 people stretching back that many years?

Mind you, if they did have up-to-date contact information. Would you have trusted them to keep it safe?

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials
Silviu STAHIE

November 26, 2021

1 min read
Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group
Filip TRUȚĂ

November 26, 2021

1 min read
Couple arrested for secretly installing cryptomining software on department store PCs Couple arrested for secretly installing cryptomining software on department store PCs
Graham CLULEY

November 26, 2021

1 min read