Modernizing Authentication — What It Takes to Transform Secure Access
Arkansas State University has announced that university officials recently found that tax fraud had occurred for at least 150 employees (h/t DataBreaches.net). The employees only became aware of the fraud when they attempted to submit their tax returns and found that they had already been filed.
The university has not yet determined who was responsible or how the data was acquired, so it's urging all employees to take immediate action to ensure that they're not victimized. University employees are advised to call the IRS at 1-800-829-1040 or the IRS Identity Protection Specialized Unit at 1-800-908-4490.
In response to the incident, Arkansas State University has assembled a security task force consisting of faculty, staff and law enforcement, which meets daily in cooperation with the Arkansas Department of Finance and Administration, the Jonesboro Police Department and the IRS.
Thus far, the security task force has enforced password and pin resets, limited the number of employees who have access to sensitive data, minimized storage of sensitive data, validated current security measures with third-party security firms, and established a new privacy and security training course for all employees.
"I think any time that we look at our systems, in hindsight we see that we could do better, and that really doesn't matter what we're looking at," ASU vice chancellor Dr. Len Frey told Arkansas' Region 8 News. "We've just tighted up our access to a lot of different things."