UPDATE: Phishing Attacks Directed at NDUS Users After Server Bre - Valley News Live - KVLY/KXJB - Fargo/Grand Forks

UPDATE: Phishing Attacks Directed at NDUS Users After Server Breach

Posted: Updated:


An email was issued to certain staff in the North Dakota University System (NDUS) regarding possible phishing attacks related to the NDUS server breach. An email from Darin King, NDUS Deputy CIO, was sent to Bismarck State College (BSC) employees and states in part, "We are getting reports of phishing attacks directed at users, likely due to this incident".
This message is a reminder to be extra cautious and to remember that normal phishing guidelines still apply.  It's also important to remember that BSC, NDUS and most reputable organizations never request sensitive account information such as user names and passwords.
Here are some tips to help protect against phishing attempts:
·         If you are sent a questionable e-mail, do not respond or click on any links.
·         Be defensive with your personal and campus information.
·         Evaluate all communications carefully.
·         Be suspicious of every request for personal or proprietary information unless you initiate the conversation.
·         Be wary of clicking links in e-mail messages and instant messages.
·         Remember phishing sites can look extremely realistic.  Reputable organizations rarely initiate online requests for such information.
·         Use extreme caution when providing sensitive data, especially in an e-mail message, instant message or pop-up window.
·         Navigate directly to trusted web sites by entering the URL in the browser Address Bar, rather than navigating through embedded hyperlinks.
·         Check to see if there are HTML or other errors (i.e., spelling, grammar, etc.).
·         When you are entering personal or financial information on a web site, check the security certificate and/or make sure the site utilizes Secure Hypertext Transfer Protocol (represented by a Web address prefix of "https"). 
As always, if you have questions or concerns regarding messages, especially unsolicited messages, please feel free to contact our Help Desk at 224-5440.



The digital security breaches continue to pile up and this time North Dakota college students and faculty may be the ones to fall victim. North Dakota's University System has reported suspicious activity on one of its computer servers that took place between October of 2013 and February 7th.

That server holds records of more than 290,000 current and former students, and about 780 faculty and staff. Names and social security numbers were stored on the server, but no credit card or bank account information. The activity has since been shut down, but that is not stopping students from worrying.

NDSU teacher and gradate student Vickie Conner was checking her phone this morning when she received a troubling email from North Dakota University System Chancellor Larry Skogen. "Wow you know," says Conner, "It's unfortunate that we can't feel safe in the university system, and that people are hacking into our information and it's kinda a scary thing."

Many expressing concerns about their social security numbers, addresses, and even their parent's information.

"Kinda a surprise just cause I always do feel safe and secure on campus," says Allison Van Zuilen, a student at NDSU, "And my information is always safe and secure, and the fact that there was a break makes me think, oh wow, maybe not everything is so safe."

The email says, "There is no indication that any of the personal information was actually accessed" "Nevertheless, we are making every effort to inform people of the situation...."

NDUS Communication Director Linda Dolin says, "We had a malicious attack from a outside organization or person, probably from off shore that was using our server as a launching pad for malicious attacks on others."

Conner says there's a lot of sensitive information she wouldn't want anyone to see. "It's very scary, it's something we need to improve upon if that's something that is happening, and we trust that our university system will do that," she says.

NDUS Chancellor Skogen says there are no leads on who exactly hacked their system. The investigation is still ongoing. While no students or faculty have come forward with problems, they are trying to take precautionary measures. They are providing identity protection for anyone "at risk" of being hacked, and they are setting up a hotline for those with questions.

Learn More Here: http://ndus.edu/data/


Original Story:

Core Technology Services, the information technology arm of the North Dakota University System, has discovered and shut down suspicious access to one of the university system's servers. An entity operating outside the United States apparently used the server as a launching pad to attack other computers, possibly accessing outside accounts to send phishing emails.

Unfortunately, personal information, such as names and Social Security numbers, was housed on that server. There is no evidence that the intruder accessed any of the personal information. As a precautionary measure, steps are being taken to inform all who could potentially be impacted by the suspicious activity. 

"Information security is of the utmost importance to us, and it is very unfortunate this has happened" said NDUS Interim Chancellor Larry C. Skogen. "We are working diligently to help make sure this doesn't happen again. It's disturbing that higher education is often targeted by criminal elements in today's global assaults on IT systems."

Records of more than 290,000 current and former students and about 780 faculty and staff resided on the server. No credit card or bank account information was contained in the records. The suspicious activity was discovered on Feb. 7, and the server was immediately locked down. A thorough internal investigation and forensic analysis was conducted to understand the cause and scope of the incident. Law enforcement has been contacted, and the server information

was also sent to a national forensic organization to confirm the internal analysis.

"There is no indication that any of the personal information was actually accessed," said Lisa Feldner, vice chancellor for information technology and institutional research.  "Nevertheless, we are making every effort to inform people of the situation and are taking every possible precaution to safeguard our systems."

In response to incidents like this one and to help prevent them in the future, NDUS is continually modifying its systems and practices to enhance the security of sensitive information. To support this effort, NDUS removed all access to the affected server and revalidated each individual user, initiated more stringent intrusion detection measures, and developed a taskforce to address how we access data securely. 

NDUS has established a web page that provides more details about the incident. It will be updated on a regular basis as new information becomes available. In addition, NDUS is making arrangements to provide identity protection services for one year for all those who wish to use it. A call center will be established soon to assist those who have additional questions. More information about these services will be posted on the website as soon as it is available.

"We completely understand that this incident could be distressing," said Skogen. "We certainly hope that no one experiences any negative impact from this intruder's actions, but we are providing resources for those who would like them, and we will keep people apprised of any new developments."

Powered by WorldNow
Powered by 

WorldNowAll content © Copyright 2000 - 2014 WorldNow and Valley News Live. All Rights Reserved.
For more information on this site, please read our Privacy Policy and Terms of Service.