Social security numbers at risk in possible university data breach

The social security numbers of employees have potentially been exposed by a suspected data breach at Metropolitan State University in St. Paul.

KSTP reports that the U.S Secret Service is investigating the possible breach in mid-December in which someone gained unauthorized access to a university server that contained personal information of faculty, staff and students.

While the university has confirmed there was no financial data or credit card information on the accessed servers, but did admit that employee social security numbers were listed on several databases.

"While our investigation may take several weeks to establish the nature and scope of the likely breach, out of an abundance of caution and with the goal of full transparency, we have communicated to our faculty, staff and students to make them aware of what we do know about this situation," said Devinder Malhotra, PhD, Interim President, told KSTP.

"As our investigation progresses, we will share the results, contact affected individuals, and confirm if data were compromised."

In a Q&A page on its website, the university has said it learned about the suspected breach on Jan. 2, when information about the hack was posted on a blog site, and at this stage still does not know how many people are affected.

Even though it has said no financial data was on the accessed servers, it has advised people associated with the university monitor their accounts for any unusual activity.

In response, the university has tightened up its security procedures and is moving its website to a new server.

If the breach is confirmed, the university would become the latest in a growing line of Minnesota organizations to fall victim to data hackers, which includes the major data breach of Minneapolis-based Target, which affected 110 million shoppers.