The University of Nebraska recently acknowledged that a breach of its Nebraska Student Information System may have exposed personal information on more than 650,000 students, parents, employees, alumni and applicants. The Nebraska Student Information System contains Social Security numbers, addresses and grades, as well as personal and financial information on parents of students who applied for financial aid.
"On May 23, 2012, a staff member of the Computing Services Network detected a security breach in the Nebraska Student Information System, indicating that an individual had gained access to the database," the university said in a statement. "This was a sophisticated and skilled attack on our system that was discovered and shut down within hours of its discovery."
Yesterday, the university's information security officer said authorities had a lead on who might have been responsible for the breach. "No arrest had been made, NU's Joshua Mauk said," writes The Omaha World-Herald's Maggie O'Brien. "But the university and law enforcement spent the weekend retracing the hacker's steps and were getting closer to figuring out that person's identity."
"According to Mauk, the university is working with local and federal law enforcement to determine the extent of the breach and to what degree, if any, individuals’ personal information may have been compromised," The Nebraska City News-Press reports.
"Mauk said the system is secured by proactive anti-hacking controls as well as monitors that can detect potential security issues," writes The Lincoln Journal Star's Faiz Siddiqui. "The university also has upped its security since the incident and plans to hire a security firm to further investigate the breach. The scope of the breach includes applicants who might or might not have attended any of the state's universities, as well as alumni dating as far back as spring 1985."