ND: Audit: Not making security top concern led to NDUS breach
Tu-Uyen Tran reports that an audit conducted in the wake of NDUS’s breach earlier this year found major problems that went far beyond the few employees who were eventually fired:
An email a stranger sent to the North Dakota University System’s computer security officer on the morning of Feb. 7 was the first sign that there had been a security breach.
The stranger had received a warning from Google the night before saying that an NDUS server had tried to hijack his account.
It so happens that server, physically located at the University of North Dakota in Grand Forks, contained the private information of more than 290,000 students and employees.
News of the attack quickly spread as NDUS warned potential victims of the security breach. Later it would fire three employees, including the security officer. But a security audit and other documents obtained by The Forum shows that the problems went beyond just those employees to a flawed corporate culture in which security did not appear to be a top concern.
Read more on Bismarck Tribune.