NDUS server attacked

Cyber attack aftermath leaves 291,465 former and current NDUS students in danger of identity theft.

UND students and staff are now keeping a close eye on their personal information after an online attack against the North Dakota University System came to light last month.

An entity working outside the U.S. used the system as a launching pad to attack other computers, and it is uncertain whether any information stored on the system was accessed.

NDUS stores the records of 784 staff and 291,465 students, including 1,300 applicants for Fall 2014 from colleges and universities across the state.

“An attack of this magnitude has not happened before,” NDUS spokeswoman Linda Donlin said. “We’ve seen what we call ‘smaller security breaches’ when wrong emails were sent with personal information, but never an attack on the system.”

Names and social security numbers were stored on the system, but no credit card or bank information was in danger of being compromised.

“My understanding is that there was no financial information on the system,” UND spokesman Peter Johnson said. “The attackers probably were not interested in the information on the system — they just wanted to use it to attack other servers.”

While there has been no fraudulent use of information reported yet or any other evidence the intruder accessed the sensitive information, Donlin said the possibility cannot be ruled out.

“An easy way to think about it is that we know somebody walked into our office, but we don’t know if they looked at our files,” she said.

The unauthorized access to the system started in October 2013, but NDUS’s servers manager, Core Technologies Services, didn’t discover the suspicious activity until Feb. 7, immediately securing the server to remove access to the intruders.

An email explaining the attack was sent to students and staff on Mar. 5. According to the informational website set up by NDUS, the delay in notification was due to time needed to investigate the situation, understand who was affected and secure the server so they would not attract the attention of other attackers.

These are just a few of the multiple steps that NDUS has taken to resolve the issue. NDUS has already increased security on its servers and contacted the FBI and an additional forensic organization to assist with investigations. The organizations are still trying to figure out how the attackers succeeded at cracking into the system and whose information may have been accessed. NDUS will soon be sending emails to each person who was affected, specifying which information was compromised and offering them free identity protection services for the next 12 months.

“We signed a contract with AllClear, an identity theft protection service,” Donlin said. “We have also established a call center, so that if someone believes their information could have been affected but they haven’t been notified, it can be looked up.”

Donlin offered further advice on what precautions the students and staff of UND should take at this time.

“I think people should be super careful watching anything that has to do with their financial information, like banking or credit,” she said. “The first thing an attacker would probably do is use information and a social security number to access those. Also, people should use caution with any phone calls and not give out any information unless they have initiated the contact themselves.”

Johnson assures that, with help from UND, vigilant students should not run into any major problems.

“The best thing students and faculty can do is continue to monitor their credit scores,” he said. “The university system is willing to help people if their information was on the server.”

Emmy Erbes is a staff writer for The Dakota Student. She can be reached at [email protected].