May 19, 2005
Charles Harmon Director of University Relations, Joe Newton, Interim Chief Information Officer (229) 333-5974
VSU continues to investigate unauthorized access to a computerincident
Valdosta State University officials are investigating an
incident of unauthorized access to a computer server that contained
information for the VSU 1Card Services. The VSU 1Card is a
multipurpose identification and on-line debit card issued to
students upon initial enrollment and to employees. The computer
intrusion occurred on a server that contained some social security
numbers. At this time, there is no evidence or reason to believe
that credit card numbers were on the server.
Interim Chief Information Officer Joe Newton says Valdosta State officials have determined that an unauthorized party accessed the server in the mid-evening hours of May 17th. An initial investigation has not yet determined if any personal data was acquired. Newton says there is a possible risk of identity theft for those people whose information may have been compromised.
While the initial investigation indicated that most current students and employees were not affected, further investigation has now revealed that the potential exposure includes all current students and employees, all students who were enrolled since approximately 1997, and former employees who left approximately between 1997 and 1999.
As a precautionary measure, the University wants to alert all of these people and encourage them to immediately place a fraud alert on their credit files by calling one of the three credit reporting companies: Equifax (800-525-6285), Experian (888-397-3742) or TransUnion (800-680-7289). Any one of these agencies will place a fraud alert on an individual's credit files and share the information with the other two agencies. Free copies of a credit report can also be requested.
Newton says Valdosta State officials will be making every reasonable effort to contact all of the individuals whose social security numbers may have been affected. In the meantime, the University has set up a special Web page ( www.valdosta.edu/fraudconcern ) with information and resources for people who are concerned that their personal information may have been compromised. The website will also have a form available for persons to look-up their ID to find out if they are at risk.
Valdosta State's University Police and Division of Information Technology are conducting the investigation of this incident with the assistance of the Georgia Bureau of Investigation.