Central Connecticut State University server infected with Z-Bot; over 18,000 notified of incident
A statement linked from CCSU’s home page, dated today:
Central Connecticut State University officials have announced that a security breach in a CCSU Business Office computer exposed the Social Security Numbers of current and former faculty, staff, and student workers to potential misuse.
James Estrada, the University’s Chief Information Officer, says the computer was infected by a “Z-Bot” virus, a malicious software program that exposed the Social Security Numbers of 18,275 CCSU individuals to potential risk. No other information, such as name or home address, was exposed.
“After conducting a forensic analysis, we have been unable to determine if any data was stolen or used in an unauthorized manner – only that the data was vulnerable for eight days in early December,” Estrada asserts. “As soon as the virus was detected, we acted immediately to protect the data by taking the impacted computer off line.”
CCSU has alerted the campus to the incident and announced that the University is offering free identity protection services for up to two years through Debix, an independent company that specializes in protecting and restoring personal credit and identity information and has worked with many of the state’s colleges and universities on similar incidents.
The University is in the process of matching the SSNs with names and addresses. Those whose information may have been compromised are being notified by Debix about how to receive credit and identity theft protection.
In an email to the campus community this afternoon, President Miller writes, “I deeply regret any inconvenience or anxiety this incident may cause you and your family. All of us involved in responding to this incident understand how important one’s personal information is and how critical it is to safeguard it. I want to assure you that, in coordination with the Board of Regents System Office and our own Information Technology office, we are working to prevent any such future incidents.”
To help answer questions, CCSU has set up a special web page: www.ccsu.edu/FAQ.
From the FAQ:
The University learned on December 6, 2011, that a computer in CCSU’s Business Office was infected with a “Z-Bot” virus designed to relay information obtained from the computer. As soon as it was discovered, the computer was immediately disabled. Subsequent forensic analysis revealed that the data on the computer had been exposed for approximately 8 days. The forensic analysis could not determine whether any data had actually been compromised or misused. CCSU and the Board of Regents System Office, however, believe that the exposure warrants offering comprehensive credit/identity theft monitoring services to all those whose information was at risk.[…]
We have determined at this point that 18,763 people were affected by this breach. That number may change as this information continues to be analyzed. To the best of our knowledge at this time, the list includes faculty, staff, student workers dating back to 1998.