Possible data breach affects roughly 15K UW-Parkside students

KENOSHA (WITI) -- The University of Wisconsin-Parkside notified approximately 15,000 students on Thursday, March 27th of the potential exposure of personal data. University officials say the FBI is being called in to investigate.

Notifications were sent to the most recent email and U.S. mail addresses on file. The data that is potentially at risk includes names, addresses, telephone numbers, email addresses, and Social Security numbers of students who were admitted or enrolled at the university since fall 2010.

University officials first became aware of the situation March 16th when Campus Technology Services staff, performing routine maintenance, discovered that computer hackers had installed malware (a computer virus) on one university server.

Anyone who was admitted to the school, or has attended UW-Parkside since the fall of 2010 may have had their information compromised.

The server on which the malware was discovered was immediately shut down.

The incident was reported to the UW-Parkside Police and Public Safety Department, and University of Wisconsin System legal counsel. With the help of an international computer security consultant (403 Labs, a Division of Sikich LLP) the university launched an investigation to determine the source and extent of the security breach.

As with many such incidents, the malware did not indicate its source or those who gained unauthorized access. Investigators found evidence indicating that the attacker’s motive was not identity theft and they have found no proof of attempts to download names or Social Security numbers.

"This malware was searching for credit card information, with the purpose of taking off with the credit card information. The particular server it was in did not have any point of sale information in it," UW-Parkside Assistant Chancellor John Jaraczewski said.

However, because any incident that potentially exposes personal information could contribute to the risk of identity theft, university officials are notifying the students involved so that they may take the proper steps to protect their identity and monitor their credit reports and financial statements.

“UW-Parkside takes the security of all data, especially the personal information of its students, extremely seriously. We apologize for any concern this issue may cause the students and their families potentially affected. We believe the chance of sensitive data falling into the wrong hands is remote. At the same time, we have a responsibility to move quickly, conduct a thorough investigation, and ensure that this does not happen again," ,” Ilya Yakovlev, UW-Parkside chief information officer said.

School officials say they do not believe any personal information or social security numbers were downloaded -- but to be safe, they are asking students to keep an eye on their bank accounts.

In addition to notifying those potentially affected, UW-Parkside established a FAQ website. Get more information by CLICKING HERE.