University Alerting Alumni About Security Breach That May Have Exposed Personal Information
Personal information from more than 1,000 Penn State alumni may have been compromised because of a security breach involving a university computer.
Penn State says it's alerting people whose information could possibly have been stolen in letters that were sent out on Thursday.
A news release from Penn State says malware was discovered on a computer in the Office of University Development and Alumni Relations at the Penn State College of Medicine. The malware allowed the computer to communicate with "an unauthorized computer outside the network."
The infected computer contained 1,176 social security numbers which came from a list of college of medicine alumni. The university says that list was last used in 2005 when Penn State still used social security numbers as student ID numbers.
The Penn State computer was taken offline as soon as the problem was uncovered. It's unclear whether any data was actually stolen. The university is notifying anyone whose "personally identifiable information" may have been disclosed.
In a prepared statement Penn State's privacy officer Holly Swires says, "We have no reason to believe that this information was accessed by unauthorized individuals, but those affected should be alert in the event that an individual attempts to use their identity."
Letters sent out today include contact information so potential victims can ask questions along with a brochure containing tips on how to prevent identity theft.
The university recommends that people visit the Federal Trade Commission for additional information about identity theft risks and prevention.