Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Student Suspected in University of Nebraska Data Breach

Earlier this week, SecurityWeek reported that the University of Nebraska was investigating a cyber attack that resulted in a security breach of an information system that houses sensitive data on students and alumni dating back to 1985 that contains personal records for students, alumni and applicants of the university’s four campuses and could affect up to 650,000 individuals.

Earlier this week, SecurityWeek reported that the University of Nebraska was investigating a cyber attack that resulted in a security breach of an information system that houses sensitive data on students and alumni dating back to 1985 that contains personal records for students, alumni and applicants of the university’s four campuses and could affect up to 650,000 individuals.

University of Nebraska Data Breach

University of Nebraska officials now are saying they have identified a student who they believe was responsible for the security breach. 

“We have seized computers and related equipment belonging to a UNL undergraduate student who we believe is involved in this incident,” said UNL Police Chief Owen Yardley. “They are currently in the hands of law enforcement and undergoing analysis.”

Yardley added that the individual was identified by University of Nebraska IT staff through the IP addresses used to access the system. “The forensics process can be very time-consuming,” he said.

The university has yet to name the individual, and said will not be released until an arrest is made.

“In order to assist with the criminal investigation, police asked the university not to release information about this security incident during the first 48 hours as work was done to verify the identity of the individual involved and necessary legal steps were taken to seize the property,” Yardley said.

Meanwhile, Joshua Mauk, the university’s information security officer, said that the university and law enforcement officers are currently analyzing how the breach occurred, and attempting to determine if, and what information may have been downloaded.

Advertisement. Scroll to continue reading.
Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Cloud Security

VMware described the bug as an out-of-bounds write issue in its implementation of the DCE/RPC protocol. CVSS severity score of 9.8/10.