Educause Security Discussion mailing list archives
Re: EDUCAUSE Statement on Server Breach
From: Jason Murray <jemurray () ZWECK NET>
Date: Tue, 19 Feb 2013 13:58:39 -0600
As many other people have said, using a 3rd party to send out security notices is a very bad idea. Please use your official domain for all links in the future. Jason E. Murray Sr. Systems Engineer Washington University in St. Louis Phone: 314-935-4865 Email: jemurray () wustl edu Web: http://nss.wustl.edu/~jemurray/ On 2/19/13 1:16 PM, Valerie Vogel wrote:
Please review the statement below; contact information for inquiries is provided at the conclusion. February 19, 2013 –/Garth Jordan, Vice President, Operations, of EDUCAUSE,/ /issued the following statement with regard to a recent breach of EDUCAUSE servers by an unauthorized third party./ “On February 5^th , EDUCAUSE discovered that the server that maintains the .edu domain information and our member profile information was breached. The breach may have compromised .edu domain passwords and information contained in individual EDUCAUSE website profiles, including names, titles, e-mail addresses, usernames, and passwords. Based on our investigation to date, we do not believe the breach included access to credit card data, financial accounts, or other sensitive information. “EDUCAUSE took immediate steps to contain this breach and we are working with Federal law enforcement, investigators, and security experts to make sure this incident is properly addressed. Additional security measures have been implemented to help prevent any future occurrences. “As a precaution, we are proceeding as though all individual EDUCAUSE website profiles and all .edu domain holders might have been impacted. We have notified via email all .edu domain holders and all individuals with website profiles about the breach and requested that they change their passwords. All that is required from those impacted by this breach is a password re-set. “The threat of a breach is a constant business concern; no organization is immune from these illegal and harmful activities. Therefore, our priority remains ensuring the security and privacy of our members, domain holders, and everyone who relies on our services.” * For help with*EDUCAUSE website profile password changes*, please contact EDUCAUSE Member Services at _info@educause.edu_ <mailto:info () educause edu> or +1-303-449-4430. * For help with *.edu domain password changes*, please contact EDUCAUSE Member Services at _edu@educause.edu_ <mailto:edu () educause edu> or +1-303-449-4805. * For *media inquiries*, please contact Pete Boyle, Senior Vice President for Lipman Hearne, at _pboyle@lipmanhearne.com_ <mailto:pboyle () lipmanhearne com> or +1-202-536-8088. Thank you, Valerie *Valerie Vogel*Program Manager *EDUCAUSE* <http://www.educause.edu/> /Uncommon Thinking for the Common Good /direct: 202.331.5374 | main: 202.872.4200 | twitter: @HEISCouncil | educause.edu <http://www.educause.edu/>
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- Re: EDUCAUSE Statement on Server Breach, (continued)
- Re: EDUCAUSE Statement on Server Breach Lorenz, Eva (Feb 20)
- Re: EDUCAUSE Statement on Server Breach Mark Boolootian (Feb 20)
- Re: EDUCAUSE Statement on Server Breach Kevin Halgren (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Valerie Vogel (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Kevin Halgren (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Michael Sinatra (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Mike Porter (Feb 20)
- Message not available
- Re: EDUCAUSE Statement on Server Breach Benjamin Parker (Feb 19)
- Re: EDUCAUSE Statement on Server Breach Scherck, Daniel (Feb 19)