George Mason University recently notified 4,400 people that personal information stored in a Travel Request Applications database could have been accessed due to a malware intrusion. Forensic examination of the server did not find any evidence of access to the data or exfiltration, but could not conclusively rule out the possibility.
The intrusion was discovered on July 16.
The notification letter, signed by S. David Wu, Provost and Executive Vice President of Academic Affairs, and Jennifer Wagner Davis, Senior Vice President, Administration and Finance, did not indicate what kinds of personal information were involved.
Those notified were offered free credit monitoring services with Experian ProtectMyID.