Computer Security Incident - 12/21 Update December 22, 2007
Posted by drowden in : News , add a commentDear Campus Community:
The investigation into the computer hacking incident at the University of Michigan-Flint is nearing completion. The IT forensics team has concluded that the clear purpose of the security breach was to illegally share copyrighted music and movies.
Our analysis of the affected servers that contained sensitive data is complete. Investigators from Information Technology Services in Flint as well as Information Technology Security Services in Ann Arbor went through thousands of files to determine whether sensitive data were accessed. Staff from several departments at the University of Michigan-Flint helped to verify this information. Of the thousands of records, there were 40 cases where the University could not conclusively determine that information had not been accessed. Although we think it is unlikely that the information was, in fact, accessed, we are erring on the side of caution and contacting those 40 individuals directly about steps they can take in response to the possibility that this crime exposed their personal information. There are still servers that are being analyzed, but we believe there is not any sensitive data on those remaining servers.
The University will continue to employ up-to-date security practices and technologies to prevent these types of crimes. The current criminal investigation is ongoing. Law enforcement officials, including the Federal Bureau of Investigation, will continue to aggressively pursue the intruders who targeted the University and bring them to justice. I would like to extend my appreciation to all staff members from both campuses who have assisted with the investigation.
Your patience and understanding during the last two weeks has been greatly appreciated. Please do not hesitate to contact me if you have any further questions or concerns.
Sincerely,
Scott Arnst
Director, Information Technology Services
