University Acts to Notify and Protect Those Potentially Affected by Data Security Incident

Ferris State UniversityFerris State University officials learned on July 23 that an unauthorized person evaded network security and gained access to a server that is used to operate Ferris’ website.

According to John Urbanick, Ferris’ chief technology officer, the university immediately shut down that server and hired a leading national computer forensic firm to help investigate the incident and block any further unauthorized access. Urbanick said the investigation did not find any evidence that the unauthorized party actually viewed or removed any information, and the university has not received any reports from students or employees that their information has been misused in any way.

“As a precaution, we’re notifying individuals whose sensitive information was in the files,” Urbanick said. He noted that letters were sent Wednesday to approximately 39,000 individuals whose names and Social Security numbers were in files that were accessible. While there is no evidence to show any credit information was compromised, these individuals are being offered one year of free credit monitoring to address concerns. Letters also were mailed to 19,000 current, former and prospective students whose names and campus wide student identification numbers were accessible. Students may request a change to their campus wide identification number by visiting www.ferris.edu.

“Ferris recognizes the importance of the privacy and confidentiality of personal information that is provided to us. We will continue to strengthen our security measures to help guard against future attempts of this kind,” Urbanick said.

The university has established a dedicated call center for individuals to call if they have questions about what occurred and steps they can take to protect themselves. The call center is open Monday through Friday from 9 a.m. to 7 p.m. EDT. The toll free number is 1-877-283-6566.

Last updated: 08-15-2013