Continuing with the trail of data breaches at colleges and universities, a recent attack has put 42,000 records at risk. The Eastern Maine Community College suffered a malware attack targeting several computers. As a result, around 42,000 records of former students and employees were exposed in the EMCC data breach.
42K Records Exposed In EMCC Data Breach
Eastern Maine Community College suffered a malware attack resulting in a compromise of records. The news surfaced online after officials released a media statement on Friday, regarding the EMCC data breach. Reportedly, the malware attack resulted in a breach of 42,000 records of former students and faculty.
Explaining about the affected individuals, the college states,
“The group includes individuals who attended EMCC between summer 1998 and summer 2018 or were employed by the college between 2008 and 2018.”
Supposedly, breached details include usernames, passwords, and email addresses associated with the college domain. Although the college has identified no direct loss of data, they still suspect the breached records included personal information as well, such as the names, contact addresses, dates of birth, and Social Security numbers.
EMOTET Attack Identified As Source Of Breach
According to the EMCC press release, the breach occurred as a result of a malware attack. Allegedly, the malware infected several college computers. The college suspects it to be EMOTET malware – a robust modular banking Trojan classified among the “most costly and destructive malware” by the US-CERT.
After noticing the incident, EMCC reported it to relevant law enforcement authorities and has begun investigations. The college is also employing measures to ensure the infection is removed from its systems.
While announcing the data breach, Lisa Larson, President EMCC, says in a statement,
“We very much regret the inconvenience or concern this incident may cause. EMCC takes seriously the protection of personal information, and our efforts to improve and strengthen our electronic security are ongoing. Unfortunately, institutions of all kinds around the world are increasingly subject to sophisticated and aggressive hacking tactics such as the one involved in this incident.”
Besides, EMCC will begin notifying the 42,000 affectees “out of an abundance of caution” via separate letters. Moreover, the college is also offering free credit monitoring and identity restoration services to the affected individuals.