Those involved at Franklin College may have seen personal data revealed to hackers who hacked into the school’s network with a malicious code attack.
The attack took place on January 21, and college officials withheld information to determine, through an investigation, what data might have been taken. After an investigation concluded in June, college officials sent a letter to those who may have been affected on August 29. The letter says the information gathered may have included the names and driver’s license or identification numbers of people involved with Franklin College.
Information taken during the breach may also include Social Security numbers, according to Turke and Strauss LLP, a Madison, Wis.-based law firm investigating the breach.
The breach may have affected more than 5,900 people, suggesting it was not limited to current students and staff.
Once school leaders learned of the breach, they worked with local and national information technology and cybersecurity experts to investigate, university spokeswoman Deidra Baumgardner said. in a press release.
“While the college is unaware of the misuse of affected information as a result of this incident, it is offering free credit monitoring services to all affected as a matter of caution,” Baumgardner said. “The college has reported the incident to law enforcement and will provide further comment as appropriate, without compromising any investigation.”
In response to the attack, college officials are offering an identity theft protection service through IDX, an identity protection company based in Portland, Oregon. That protection includes 12 months of CyberScan credit and monitoring, a $1,000,000 insurance reimbursement policy and fully managed identity theft recovery services, according to the letter.
College officials advise students to contact their bank or credit card company if they notice suspicious activity or suspected identity theft. According to the letter, students can also consider placing a fraud alert on their credit report or a security freeze on their credit report for free.
Individuals who have been notified of their data compromise should retain the letter from the college, register for the free credit monitoring service mentioned in the letter, change their passwords and security questions, review their account statements and report identity theft, fraud and unauthorized activity. , and request a temporary fraud alert, according to Turke and Strauss.
School officials did not respond to other questions about the data breach, such as which groups of people outside of current staff and the student body may have been affected, as well as when they were informed these people.