Minnesota School Knocked by Data Breach

  • By Dian Schaffhauser
  • 01/26/15

Metropolitan State University went public this month with the news that a hacker had broken into one of its servers containing personal information about faculty, staff and students. In a president's letter to the community, the institution said it did not "believe this server contained any financial data or credit card information"; however, several databases did contain employee Social Security numbers. The extent of the damage is unknown.

When the breach was discovered Jan. 2, the university contacted the office of the Minnesota State Colleges & Universities system, of which it is a member, as well as the IT division of the state of Minnesota. The affected server was "isolated" from the network, and law enforcement was notified.

According to a question and answer document online, Metropolitan found out about the breach when it was contacted by a "private information sharing community of trusted research and higher education partners." The service had come across a "blog posting by a computer hacker who claimed to have accessed numerous Web sites and data servers." Although the service wasn't named, the Minnesota system is a member of REN-ISAC, the Research and Education Networking Information Sharing and Analysis Center.

The university reported that it was moving its Web site to a new server as a result of the breakin. That migration was expected to cause "some disruption" of site's functionality.

The investigation is still ongoing, the institution said, and it expected to notify those whose personal information may have been stolen through mail and "other means."

"The university sincerely regrets this apparent breach and any inconvenience it may cause," said Interim President Devinder Malhotra in his letter.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • a glowing gaming controller, a digital tree structure, and an open book

    Report: Use of Game Engines Expands Beyond Gaming

    Game development technology is increasingly being utilized beyond its traditional gaming roots, according to the recently released annual "State of Game Development" report from development and DevOps solutions provider Perforce Software.

  • abstract representation of equity at the core of AI

    Why Equity Must Be a Core Part of the Conversation About AI

    AI is an immensely powerful tool that can provide customized support for students with diverse learning needs, tailoring educational experiences to meet student’s individual needs more effectively. However, significant disparities in AI access and digital literacy skills prevent many of these same students from fully leveraging its benefits.

  • Man wearing headset working on a computer

    Internet2: Network Routing Security and RPKI Adoption in Research and Education

    We ask James Deaton, vice president of network services, about Internet2's initiatives and leadership efforts to promote routing security and RPKI adoption in research and higher education networks.

  • network of transparent cloud icons, each containing a security symbol like a lock or shield

    Okta, OpenID Foundation Propose New Identity Security Standard

    Okta and the OpenID Foundation have announced the formation of the IPSIE Working Group — with the acronym standing for Interoperability Profiling for Secure Identity in the Enterprise — dedicated to a new identity security standard for Software-as-a-Service (SaaS) applications.