Re: EDUCAUSE Statement on Server Breach

[Bob Bayn <bob.bayn () USU EDU>]

We, too, were scurrying around and called the Denver office for reassurance before that message arrived from Valerie.

Bob Bayn    SER 301    (435)797-2396       IT Security Team
Office of Information Technology,     Utah State University
     three common hazardous email scams to watch out for:
     1) unfamiliar transaction report from familiar business
     2) attachment with no explanation in message body
     3) "phishing" for your email password
________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Malyn, Justin 
D. [MalynJ () UMKC EDU]
Sent: Tuesday, February 19, 2013 12:31 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] EDUCAUSE Statement on Server Breach

Just FYI, the emails directly to profile holders has a password reset link that uses the domain educause.informz.net , 
which this would be one case where using link-usage-tracking in email might be bad when notifying for a breach.  (Maybe 
instead just tell people to visit the educause site, and take these page steps to reset your password, so that no click 
link is involved?)

Without having seen the below note first (I got the profile warning first), it looked like an elaborate phishing email 
since the click links didn’t match.

-Justin

Justin D. Malyn
Information Security Officer
GCED, GCWN, GCIH, GCFA, and GSLC Certified by GIAC.org
Information Services
University of Missouri - Kansas City

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Valerie 
Vogel
Sent: Tuesday, February 19, 2013 1:16 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] EDUCAUSE Statement on Server Breach

Please review the statement below; contact information for inquiries is provided at the conclusion.

February 19, 2013 – Garth Jordan, Vice President, Operations, of EDUCAUSE, issued the following statement with regard 
to a recent breach of EDUCAUSE servers by an unauthorized third party.

“On February 5th, EDUCAUSE discovered that the server that maintains the .edu domain information and our member profile 
information was breached. The breach may have compromised .edu domain passwords and information contained in individual 
EDUCAUSE website profiles, including names, titles, e-mail addresses, usernames, and passwords. Based on our 
investigation to date, we do not believe the breach included access to credit card data, financial accounts, or other 
sensitive information.
“EDUCAUSE took immediate steps to contain this breach and we are working with Federal law enforcement, investigators, 
and security experts to make sure this incident is properly addressed. Additional security measures have been 
implemented to help prevent any future occurrences.
“As a precaution, we are proceeding as though all individual EDUCAUSE website profiles and all .edu domain holders 
might have been impacted. We have notified via email all .edu domain holders and all individuals with website profiles 
about the breach and requested that they change their passwords. All that is required from those impacted by this 
breach is a password re-set.
“The threat of a breach is a constant business concern; no organization is immune from these illegal and harmful 
activities. Therefore, our priority remains ensuring the security and privacy of our members, domain holders, and 
everyone who relies on our services.”

·         For help with EDUCAUSE website profile password changes, please contact EDUCAUSE Member Services at info () 
educause edu<mailto:info () educause edu> or +1-303-449-4430.
·         For help with .edu domain password changes, please contact EDUCAUSE Member Services at edu () educause 
edu<mailto:edu () educause edu> or +1-303-449-4805.
·         For media inquiries, please contact Pete Boyle, Senior Vice President for Lipman Hearne, at pboyle () 
lipmanhearne com<mailto:pboyle () lipmanhearne com> or +1-202-536-8088.


Thank you,
Valerie

Valerie Vogel Program Manager

EDUCAUSE<http://www.educause.edu/>
Uncommon Thinking for the Common Good
direct: 202.331.5374 | main: 202.872.4200 | twitter: @HEISCouncil | educause.edu<http://www.educause.edu/>