FARGO – The discovery of malware on North Dakota State College of Science computers that stored the personal information of more than 15,000 current and former students and employees has prompted the school to tighten its network security and offer a year of free identity-theft protection to those affected.
College officials say there’s no evidence that anyone without authorization has accessed or illegally used the personal information, which included names, mailing addresses and Social Security numbers.
“We do not believe any private information has been compromised. However, we cannot be fully confident,” NDSCS President John Richman said Thursday at a news conference on the school’s Fargo campus.
Cloy Tobola, the college’s chief information officer, said network sensors detected the malware, software intended to damage or disable computers, on Sept. 1, and staff began checking the school’s computers to see which ones were infected. He said the malware was found at the NDSCS campuses in Wahpeton and Fargo on about 200 school-owned computers, some of which contained personal information.
Asked why NDSCS waited more than five weeks to warn its community about the breach, Richman said the college needed time to investigate the problem and develop a response, such as establishing a call center to field questions and arranging for identity-theft protection. “We needed to understand the depth and the scope of this exposure,” he said.
Tobola said that while the malware was found Sept. 1, digital logs showed that some computers were infected as early as Aug. 15.
In February, officials discovered a breach of a North Dakota University System server that contained personal information, including Social Security numbers, of more than 290,000 current and former students and about 780 faculty and staff. In that case, nothing suggested that personal information was accessed.
Richman said the NDUS breach is not related to the NDSCS case. Tobola said the NDUS attack targeted a server that held large amounts of data, while the NDSCS case involved individual computers used by employees whose work required regular access to the personal information.
“This was a malware that we don’t think was necessarily there to steal data,” Tobola said. “We believe it was probably the type of software that would be used to send out spam or potentially to attack other computers.”
NDSCS, which has more than 3,000 current students, is sending letters to the students and employees whose information was affected.
Nikolas Kukert, president of the student senate, said he has not been contacted and that he doesn’t know of anyone who has been. Kukert described the incident as unfortunate but said he’s not overly concerned.
“I have faith in the school that they’re doing what they think is right,” he said.
Information technology staff from NDUS and an outside forensic organization are auditing the NDSCS computer security systems, and the matter has been reported to campus police and the FBI.
Tobola said that in recent years, NDSCS has worked to secure network hardware, install antivirus software and make sure every computer requires a log-in code. But he acknowledged that the personal information that was recently exposed had not been protected by encryption.
Tobola said NDSCS is starting to use an encryption process to lock files on the college’s computers. He said the infected computers already had antivirus software but that an additional layer of protection is being added to those machines.
If you have questions about the computer security breach at NDSCS, call (877) 615-3755. The toll-free hotline opens 8 a.m. today. The hotline will be open from 8 a.m. to 8 p.m. Monday through Saturday into the foreseeable future. For more information, visit www.ndscs.edu/data.