IT official says University System servers couldn’t detect intrusions
GRAND FORKS — An inability to detect intrusions was partially to blame for the North Dakota University System server breach that left the personal information of more than 290,000 former and current students, staff and faculty vulnerable, according to a system official.
Lisa Feldner, a vice chancellor in charge of information technology, gave an update on the server breach to the State Board of Higher Education on Thursday.
Even though she was the state’s chief information officer for seven years when she left to join the University System last may, she said she was unaware state’s Information Technology Department, which oversees the University System’s data network, didn’t have any intrusion-detection measures in place.
“It was not requested before I got here, which was a surprise to me,” Feldner said.
Those security measures are being implemented, but she also stressed the importance of continuing to educate people about keeping their identity secured, as the server was likely breached through someone’s personal laptop using malicious software, or “malware.”
“Password changes more frequently would have also stopped it,” she said.
Feldner also addressed accusations that the department took too long to notify the public of the server breach, which was discovered in February after going undetected for four months.
She said the breach was investigated by the University System IT department, the state’s cybersecurity center and federal investigative agencies, so the process took awhile.
“You can’t physically look through that many files,” she said.
The department is now confident the server was used as a jumping-off point for accessing other information and that personal information wasn’t compromised, she said, but the University System is still offering free identity-protection services to those affected for the next year.
Feldner said all of the emails alerting students, faculty and staff of the services were completed March 20, but since not everybody affected has email addresses, the department is “relying on the media and other public affiliates to try and notify people.”
The call center that was opened to field questions about the incident had received 826 calls as of March 22. It can be reached at 855-711-5990 from 8 a.m. to 8 p.m. Monday through Saturday.