Salem State University Suffers Security Breach

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

The Boston Globe's Lauren Dezenski reports that the personal data of 25,000 current and former staff members and student workers at Massachusetts' Salem State University may have been compromised after a virus accessed a university human resources database.

According to the Globe, a letter was sent on March 11 from university president Patricia Maguire Meservey to all 25,000 people whose information was in the database, offering them a year of free identity protection services from Experian.

Tom Torello, Salem State's vice president of marketing and communications, told The Salem News' Bethany Bray that it's not clear if or how the information was actually used. "At this point, we don't know if anyone's information has been used in any type of illegal way, so we don't know if anyone's information is out there," Torello said.

Torello told SC Magazine's Danielle Walker that the virus in question was identified as Vobfus. In an analysis of the Vobfus malware, Trend Micro's Bernadette Irinco writes, "WORM_VOBFUS variants function as downloaders of other malware such as VIRUX and FAKEAV variants onto the affected users' systems. Further infections can put affected users' information at risk of being stolen by cybercriminals."