The University of Nebraska sent the following email on Saturday to individuals with bank accounts associated with the Nebraska Student Information System.
You are receiving this letter because you have an account in the University of Nebraska Student Information System (NeSIS), the electronic database of student and alumni records.
On May 23, 2012, University personnel detected a security breach in the system indicating that an unauthorized individual had gained high-level access to the restricted database. This was a sophisticated and skilled attack on our system. Information in the system includes Social Security numbers, any bank account information associated with the NeSIS account, and personal and academic data. Our records indicate that you have a bank account that is associated with your NeSIS account, so we are writing to notify you of this breach and to advise you to monitor your bank accounts over the next several weeks and report any suspicious activity to your financial institution.
As a precaution, you may also want to consider action to minimize your potential risk of identity theft such as placing a fraud alert on your consumer credit file. By doing so, you let creditors know to watch for unusual or suspicious activity, such as someone attempting to open a new credit card account in your name. You may also wish to consider placing a security freeze on your accounts by writing to the credit bureaus. A security freeze means that your credit history cannot be seen by potential creditors, insurance companies or employers doing background checks unless you give consent. Contact information for the credit bureaus can be found on the website noted below.
At this time there is no clear evidence that any information was downloaded; we are sending you this notice out of an abundance of caution. We are working with law enforcement and forensics experts on this issue and will provide updated information online at http://nebraska.edu/security.
The University of Nebraska takes the protection of student and alumni information very seriously. Keeping our systems and data secure is a high priority, and security experts will help us reconstruct this incident, identify limitations in our system and put new safeguards in place. We deeply regret any concern or inconvenience this incident may cause you.
Information Security Officer
University of Nebraska