BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Investigating apparent IT breach, Stanford urges users to update passwords

From: Jake Kouns <jkouns () opensecurityfoundation org>
Date: Fri, 26 Jul 2013 15:48:48 -0400
http://news.stanford.edu/pr/2013/pr-apparent-it-breach-072513.html

Stanford is investigating an apparent breach of its information
technology infrastructure similar to incidents reported in recent
months by a range of companies and large organizations in the United
States. We do not yet know the scope of the intrusion, but we are
working closely with information security consultants and law
enforcement to determine its source and impact. We are not aware at
this time of any protected health information, personal financial
information or Social Security numbers being compromised, and Stanford
does not conduct classified research.

As a precautionary measure, we are asking all users of Stanford's
computer system – that is, all those with a SUNet, or Stanford
University Network, ID – to change their passwords. As we learn more
about the incident, this process may need to be repeated.

Stanford treats information security with the utmost seriousness and
is continually upgrading its defenses against cyberattacks. Like many
institutions, it repels millions of attempted attacks on its
information systems each day. In recent months, a range of large
organizations have reported attacks involving their information
systems. Preliminary indications are that the breach at Stanford bears
many similarities to these incidents.

We are unable to provide additional detail at this time, given the
ongoing nature of the investigation and the importance of limiting any
damage from the incursion. We will provide updates to users of our
systems as more information becomes available.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.
Previous By Date Next
Previous By Thread Next

Current thread: