An intrusion into the University of Central Florida’s computer network has resulted in unauthorized access to certain personal information of some current and former students and employees.
After UCF discovered the unauthorized access in January, university officials immediately reported the incident to law enforcement and launched an internal investigation with the assistance of a national digital forensics firm.
To date, the investigation has determined unauthorized access to Social Security numbers — but not credit card information, financial records, medical records or grades — for approximately 63,000 current and former students, staff and faculty members.
“Safeguarding your personal information is of the utmost importance at UCF,” President John C. Hitt said in an email to the campus community this morning. “To ensure our vigilance, I have called for a thorough review of our online systems, policies and training to determine what improvements we can make in light of this recent incident.
“Every day, people and groups attempt to illegally access secure data from institutions around the world. Higher education institutions are popular targets. UCF will continue to work diligently to protect this important information from those who would break the law to get it.”
UCF, which is notifying those impacted by the incident via letters that should be received the week of Feb. 8, is offering one year of free credit monitoring and identity-protection services for affected individuals.
UCF has established a web page – www.ucf.edu/datasecurity – with details about the incident, including the groups of current and former students and employees involved and recommendations for those impacted. UCF also has established a call center, available at 877-752-5527 from 9 a.m. to 9 p.m. Monday through Friday. Spanish-speaking operators also are available.
UCF has already begun taking actions to enhance user account and password security and strengthen data security processes and protocols on the university’s computer network. The university also will expand information-security education and training.