The University of Wisconsin- Milwaukee is sending letters to approximately 75,000 individuals associated with the university, informing them of a computer security incident that may have exposed records containing their names and Social Security Numbers. Those affected are primarily current and former employees and students.
On May 25, university technology staff found that unauthorized individuals had installed malware (computer viruses) on a university server that housed a software system that managed confidential information for several departments. The university immediately shut down the system and reassessed security before restarting it. The university also reported the incident to local and federal law enforcement. With the help of a national computer security consultant, the university launched an investigation to determine the source and extent of the security breach.
Several weeks into the investigation, on or around June 30, the university discovered that a database associated with the system was accessible to the hackers. This database contained the names and Social Security numbers of approximately 75,000 individuals associated with the university.
As with many such incidents, the investigators have not been able to identify those who gained unauthorized access. Investigators theorize that the motive was not identity theft, and could find no proof of any attempt to download names or Social Security numbers from the database.
The university has provided the affected individuals with information on protecting personal information and monitoring credit accounts to prevent identity theft.
In addition to reassessing security on the affected system to prevent unauthorized access to the database, the university has put in place additional security measures on its information technology systems.
For more information, go to http://www.computersecurity.uwm.edu.
