12 Mar 2014
A server with personal details of 290,000 people was breached at the North Dakota University System (NDUS), according to Softpedia News.
The breach, which was discovered in February, allegedly occurred in October 2013 via a compromised account. It’s unclear how the attackers gained the login credentials.
“Based on the forensic investigation, it is likely the intruder's intent was only to use the server's processing power to launch attacks on other computers and systems,” the NDUS FAQ reads. “The intruder may not have even been aware that the sensitive information was stored on this server.”
Personal details, including social security numbers of 291,465 former and current students, were stored on the server. Also details of this fall’s applicants were included.
Employee IDs and social security numbers of 784 faculty and staff members were stored on the same server.
No evidence suggesting that the attackers stole any information was found in a NDUS forensics analysis. NDUS set up a call center to answer questions by affected individuals and provides a one-year free Identity Protection Coverage.