Contrary to previous reports by both the Nebraska State College System and the University of Nebraska-Lincoln, a May 23 security breach affected NSCS data, a Friday afternoon news release states.
The breach, which targeted the Nebraska Student Information System (NeSIS), was discovered and blocked within 16 hours, according to NSCS Chancellor Stan Carpenter.
On May 29, a member from UNL’s Technical Computing Network Services Staff stated “The NSCS records are in a separate database and we have not found any evidence that they were impacted by this breach”; however, the NSCS was informed next day, May 30, that the breach also included data from the system’s three colleges – Chadron, Peru, and Wayne State Colleges.
A portion of Chadron State’s student, alumni, faculty, and staff records from 1988 to the present are housed in the NeSIS, the NSCS news release stated. The NeSIS database includes social security numbers, birth dates, and financial aid information, among other data.
A UNL undergraduate is suspected to have orchestrated the breach. The identity of the suspect will not be released until an arrest is made, according to UNL police officials.
UNL police seized computers and equipment suspected to have been used in the attack May 30.
“We have seized computers and related equipment belonging to a UNL undergraduate student who we believe is involved in this incident,” UNL Police Chief Owen Yardley said. “They are currently in the hands of law enforcement and undergoing analysis.”
UNL has established a toll-free service center in response to the incident. The number is 888-215-4321; the center will be open from 8 a.m. – 5 p.m. CST.
According to UNL’s security page, “Initially, the center will be open seven days per week; call volume will determine any changes in hours or days of operation. Current and past students, employees, applicants, parents or anyone who is concerned that he or she has information in the NeSIS can call.”
A forensic investigation between multiple local and state officials is ongoing.