IT specialists at the Iowa State University have reportedly discovered a data breach that has affected five departmental servers located on-campus, we’re learning.
Specifically, the University’s statement on the matter indicates that the servers were attacked by an unknown entity/group to be used for mining bitcoins by harnessing their computing power.
According to the University, the servers held 29,780 Social Security numbers belonging to students who attended the University from 1995 through 2012 and took classes in Computer Science (1995-2005), World Languages and Cultures (2004, 2007, 2011-2012), and Materials Science and Engineering ENGR101 in Fall 2001 and MATE214 in Spring 2001).
The servers were also home to 18,949 student identifications, which the university says has no use beyond campus (and are used in conjunction with a password).
Officials at the institution don’t believe the sensitive information was the target of the unauthorized access, but have taken a number of steps in the aftermath, including contacting appropriate law enforcement agencies and offering one year of paid-for credit monitoring.
The University has mailed out letters to all students whose Social Security number/student IDs was stored on the servers, and all files containing student information on those servers have since been deleted.
The servers have also been disconnected from Internet access and destroyed.
Other servers of the same nature have received software updates from the vendor, have been disconnected from Internet access, and will be replaced in the near future.
The use of dedicated servers to mine bitcoin and other digital currencies is nothing new. For those with the know-how, it’s an easy way to mine without having to foot the electricity bill, which can easily become one of the major disadvantages to mining bitcoin with non-specialized hardware.
More information on the breach can be found on the Iowa State University website.
[textmarker color=”C24000″]Image[/textmarker] C. Burnett