Files contained personal information of 760,000 people
By Encarnacion Pyle
The Columbus Dispatch
Ohio State University is notifying 760,000 students, professors and others that hackers might have accessed their personal information.
In late October, officials discovered that unauthorized individuals logged into an Ohio State server with the names, Social Security numbers, birth dates and addresses of current and former students, faculty, staff, as well as consultants and contractors who do business with the school.
No OSU Medical Center patient records or student health records were involved.
Ohio State officials said they haven’t heard of any identity thefts related to the incident. They did, however, say experts found evidence that the hackers were trying to launch cyber attacks.
The school also is offering 12 months of free credit-protection.
“We are committed to maintaining the privacy of sensitive information and continually work to enhance our systems and practices to reduce the likelihood of such events occurring,” Provost Joseph A. Alutto said.
He said Ohio State is working with a nationally-recognized data security firm to strengthen its systems against further attacks. OSU officials expect to spend as much as $4 million to pay for the forensic investigation and credit-protection services for the individuals whose personal information was hacked.
“We regret that this has occurred and are exercising an abundance of caution in choosing to notify those affected,” he said.
In the past three years, Ohio State has investigated an average of 10 potential data breaches annually.