Cyber Incident Victim: University of West Florida
Date:
Jul 2014
Location:
United States of America
Summary
The University of West Florida experienced unauthorized network intrusions targeting credentials, compromising approximately 90 institutional ArgoNet accounts and 70 external accounts linked to platforms like social media and email services. The breach primarily affected users who accessed the network through specific campus facilities, including the library, science and engineering building, and residence halls. The institution secured its systems against further attacks and notified impacted individuals.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On July 31, 2014, the University of West Florida disclosed unauthorized activity on portions of its Pensacola main campus network. The attackers targeted the network to intercept authentication credentials, compromising approximately 90 UWF ArgoNet usernames and passwords alongside approximately 70 sets of credentials for non-university systems including Facebook, Twitter, and Hotmail. The breach impacted individuals who had utilized the network within specific campus buildings during the preceding 12-month period: John C. Pace Library, Building 4 (Science & Engineering), and UWF residence halls. University officials identified these locations as primary risk zones, though the exact intrusion timeframe remained unspecified in their public statement. The attackers’ methods focused on credential interception through network compromise rather than direct database access or malware deployment based on available details. No evidence suggested broader access to academic records, financial data, or research systems beyond the captured login credentials.
UWF initiated incident response by securing affected network segments to prevent further attacks, though technical mitigation specifics were not publicly detailed. The university issued direct notifications to all 160 impacted individuals via its Information Technology Services department by August 1, 2014. All ArgoNet account holders received institution-wide directives to promptly change passwords regardless of confirmed compromise. Public warnings specifically advised library visitors who had accessed personal accounts through campus computers or networks to reset external service passwords as a precautionary measure. The university established a dedicated informational webpage for ongoing updates but did not disclose whether law enforcement was engaged or whether forensic investigations determined attacker origins. Credential exposure remained confined to authentication strings without evidence of subsequent misuse at disclosure time.