The breach was discovered late Wednesday night by a university technical staff member. Technical staff took immediate corrective action to stop the breach and prevent further unauthorized access to individuals’ personal information. Joshua Mauk, NU information security officer, stressed that at this time there is no clear evidence that any information was downloaded, and that the notification to individuals is being done out of an abundance of caution.
The NeSIS database includes Social Security numbers, addresses, grades, transcripts, housing and financial aid information for current and former NU students as well as student applicants who may or may not have attended NU. The database includes information for alumni as far back as spring 1985.
According to Mauk, the university is working with local and federal law enforcement to determine the extent of the breach and to what degree, if any, individuals’ personal information may have been compromised. Police are currently pursuing leads in the case, but no further information is available. NU also has hired a leading firm specializing in data breaches to assist in a forensics investigation.
“The University of Nebraska takes the protection of student and alumni information very seriously. Right now we’re focused on determining the exact nature of the breach and communicating with those who may have been affected,” Mauk said. “We are working with law enforcement and forensics experts to thoroughly reconstruct this incident so that we can identify limitations in our system and put new safeguards in place for the future.”
Mauk added, “We deeply regret any concern or inconvenience this incident may cause our students or alumni.”
The university has created a website, http://nebraska.edu/security, where concerned individuals can submit questions and view the most current information related to the breach and ongoing investigation. The university will establish a toll-free service center if needed.