June 14, 2005
05-162

Charles Harmon Director of University Relations, Joe Newton, Interim Chief Information Officer (229) 333-5974

Preliminary investigation of May 17th unauthorized computer accessincident at VSU shows no sign of data transferred from server

Valdosta State University officials say a preliminary investigation into the unauthorized access to a computer server on May 17th has been unable to provide any evidence that a substantial amount of data or any data was transferred from the server.

"Right now the preliminary investigation reveals that no major harm was done, except for the inconvenience to members of the VSU community, which we certainly regret," said VSU Interim Chief Information Officer Joe Newton.

Newton said VSU has taken several steps to update security.

"The 1Card server has been reconfigured, security measures have been reviewed, and additional measures taken to harden the security," said Newton. He added that a campus wide information security plan continues to guide evaluation and improvement of information security at VSU.

The unauthorized intrusion occurred to a computer server that contained information for the VSU 1Card Services. The VSU 1Card is a multipurpose identification and on-line debit card issued to students upon initial enrollment and to employees. The computer intrusion occurred on a server that contained some social security numbers, but credit card numbers were not involved.

Newton said potential exposure to the May 17th intrusion included all current students and employees, all students who were enrolled since approximately 1997, and former employees who left approximately between 1997 and 1999.

As a precautionary measure VSU requested that all of these people place a fraud alert on their credit files by calling one of the three credit reporting companies: Equifax (800-525-6285), Experian (888-397-3742) or TransUnion (800-680-7289).

The May 19th news release can be found at: http://www.valdosta.edu/news/alerts/one_card.php