VANCOUVER (NEWS 1130) — There’s been a data breach affecting personal information at SFU.
A letter went out to faculty, staff, students, alumni, and retirees saying electronic data was exposed on Feb. 27 and informed people to change their passwords to SFU email and accounts. The breach impacted those who joined the university prior to June, 20, 2019.
“While it does not appear that any SFU Computing accounts have been compromised, changing your password now will significantly mitigate that risk,” the letter reads.
It informs people they could be at risk of unsolicited emails or identity theft since student ID numbers, birth dates, full names, course enrolment, email addresses, and encrypted passwords were exposed.
According to the letter, the university came under a ransomware attack that found “a weakness in the way information was handled.”
There has been a “breach of privacy” at @SFU. It has sent a letter to faculty, staff, students, alumni, and retirees who joined SFU prior to Jun. 20, 2019. The school says data was exposed on Feb. 27, 2020. “No SFU systems are currently exposed.” Details on @NEWS1130.
— Sonia Aslam (@SoniaSAslam) March 2, 2020
The breach was corrected a day later and SFU systems are not currently exposed.
The university says it is taking steps to reduce the harm caused by the breach through reviews and changes to policies and security measures.
SFU later released a notice that it was experiencing a higher-than-normal volume of traffic to the SFU Computing ID password reset page, causing it to be unavailable.
“Please try again later today. We apologize for any inconvenience.”
Notice: We are currently experiencing a higher than normal volume of traffic to the SFU Computing ID password reset page causing the page to be unavailable. Please try again later today. We apologize for any inconvenience.
— SFU IT Services (@sfu_it) March 2, 2020