Parents, students, and staff of the University of Alaska are being made aware that their information may have been included in a data breach that happened between January 31st and February 15th of last year. Quite a bit of information was possibly included in the breach and it is likely that it is connected to issues some users were having when trying to access their email. Information that could have been obtained by unauthorized parties includes the individual’s name, ID number, birth date, digital signature, drivers license number, username, and account password. A smaller number of victims may have had financial account numbers, health insurance information, passport numbers, student ID numbers, and Social Security numbers included as well. The university hired a third-party security firm to look into the incident and they discovered that many of the users who were affected had their passwords changed by the attackers, making it even more difficult to retrieve their accounts. Since the discovery, all parties who may have been affected were notified and password security protocols have been upgraded. Credit monitoring service has also been offered for free by the university.
Analyst Notes
Since email accounts were involved, it is likely that phishing attempts will be increased so users will want to be aware of what these emails look like and if they do receive one, they should report it immediately. All passwords should be changed, especially if a user utilizes the same password for multiple accounts. When providing financial information, even if it is believed to be a trusted source, users should still be cautious and ask how the entity they are providing the information to will protect their data.
