Graceland University Data Breach Exposed Sensitive Personal Information

Graceland University in the United States, has confirmed they have fallen victim to a cyber attack. In their recent security notice, Graceland University disclosed data breach incidents striking their system at least three times.

Graceland University Disclosed Breach

Graceland University has recently disclosed numerous security incidents affecting its database. The university confessed of three different instances of unauthorized access to their system.

Explaining the details of the incidents in their security notice, the university confirmed that they noticed unauthorized access to the email accounts of their employees at least three times. The unauthenticated user not only gained access to the email account but also, the information contained within. As stated in the notice,

Graceland has become aware of three instances in which an unauthorized user gained access to the email accounts of current employees, including the contents and attachments connected to those accounts.

Regarding the timeline of the breaches, the university stated that the incidents happened between the end of March 2019, and May 2019, for varying intervals.

The unauthorized user had access to these individual accounts on March 29, 2019, and from April 1-30 and April 12-May 1, 2019, respectively.

The repeated security breaches ultimately resulted in the exposure of personal information of victims. The breached information reportedly includes individuals full names, birth dates, addresses, email addresses, and contact numbers. In addition, it also included some sensitive data such as Social Security numbers, information about parents/children, information about salaries, and financial aid information.

The potential affected individuals include those who might have interacted with the affected email accounts. However, Graceland University did not state any precise number of affected individuals at this time.

Security Measures Being Taken

As disclosed in their notice, after identifying the security incident, the university secured the affected email accounts. For now, they assure noticing no suspicious activity involving the data.

Graceland does not have any evidence at this time that this information was, in fact, stolen or has been used in a malicious manner.

Nonetheless, they have recommended the necessary security steps to help protect the victims from potential threats. In addition, they have also sent separate email notices to the affected individuals, informing them of the incident.

Recently, the University of Alaska also disclosed a security breach exposing personal data of students.

Let us know your thoughts in the comments section.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients