Butler alumni, current and prospective students warned of data breach
INDIANAPOLIS, Ind. (June 30, 2014) – Thousands of current and past Butler University students and employees are at risk for identity theft, according to a letter sent from the university to students and alumni. Personal information was compromised during a hacking incident that university officials believe happened between November 2013 and May of this year.
Anyone whose information the university gathered could have been part of the breach, including prospective students. A letter went to people who earned a degree at Butler dating back as far as the 1980s, informing them of the data breach. In total, 163,000 people may have had their information compromised.
The letter says, “We have determined that files containing your name, date of birth, Social Security number, and bank account information were accessible to the hacker(s) during this time period.”
Butler began investigating the breach after getting information from authorities in California who had arrested a suspect in possession of a flash drive containing information of Butler employees. That suspect was never affiliated with Butler, said university spokesperson Michael Kaltenmark.
He said information from the original small group of Butler employees on that flash drive was used. However, he said there was no evidence that the information of the thousands of others was ever actually used.
The university used a computer forensics team to investigate the electronic system and find any holes through which the hacker might have gained information.
“The part of the Butler University network that was exposed by the hackers, we determined what that was, corrected that issue and then we’re working, ongoing, to take steps to further fortify the Butler University network so things like this don’t happen in the future,” Kaltenmark said.
Butler is offering complimentary memberships to a third-party identity theft protection program to those potentially affected by the breach. The university is also encouraging everyone to closely monitor their bank accounts and credit card statements for any signs of suspicious activity.