A breach of the University of Nebraska computer security affected more than its four campuses.
Nebraska State College System officials disclosed this afternoon that the breach exposed data stored by Chadron State, Peru State and Wayne State Colleges as well.
The colleges within the Nebraska State College System (NSCS) and the University of Nebraska began sharing student information in 2009. The shared student information system is known as NeSIS. At first, it appeared the data breach was confined to the University of Nebraska system, exposing the financial data of as many as 650,000 students, parents and alumni.
NSCS reported this afternoon that Chancellor Stan Carpenter was notified May 30th that the ongoing investigation disclosed that the security breach was much wider than first thought. The investigation is being conducted by the NeSIS staff, a third party computer forensics firm as well as local and federal law enforcement agencies.
“Since being notified of the breach, others within the Nebraska State College System and I have been working to obtain accurate information to relay to those who may have been affected,” Carpenter said in a written statement. “College employees were notified this afternoon of the breach and the NSCS has established a website about the breach that can be accessed from the colleges’ websites as well as from the NSCS website.”
The breach into the NSCS database was discovered after investigators confiscated computers and related electronics from the person suspected of being the hacker. Investigators have not released a name, but have stated that the suspect is an undergraduate student at the University of Nebraska-Lincoln.
Chancellor Carpenter stated that it doesn’t appear any of the Nebraska State College System data was downloaded. Staff members sealed the breach within 16 hours of its discovery. It is unknown whether any financial data from any of the institutions affected was downloaded.
NeSIS staff and the Nebraska State College System are working together on the investigation.
NSCS asks employees and students to carefully monitor their finances, though the NSCS does not store the bank account information of students and uses a third-party vendor to process credit card transactions. NSCS serves nearly 9,000 students at the three colleges.
The University of Nebraska has opened a center to handle calls made to 888-215-4321. The center will initially be open seven days a week, between 8am and 5pm CST. Call volume will determine operating hours, according to the university. The university invites current and past students, employees, applicants, parents or anyone who is concerned to call for information about the breach.
The university continues to make updates available at http://nebraska.edu/security.