Cyber Incident Victim: Auburn University
Date: Oct 2013
Location: United States of America
Summary
An Auburn University College of Business server was compromised by an unidentified hacker, potentially exposing names and Social Security numbers of nearly 14,000 current and former students, faculty, and staff over a four-week period. The institution patched the vulnerability upon discovery, initiated internal and external forensic investigations, and notified affected individuals while offering complimentary credit monitoring and identity theft protection services. The breach primarily involved academic and employment records, though no evidence confirmed unauthorized access to or misuse of the sensitive data.
Description
Between October 21, 2013, and November 20, 2013, an unidentified hacker compromised a server within Auburn University's College of Business, potentially exposing the personal information of 13,698 current and former students, faculty, and staff. The university discovered the breach on November 20, 2013, concluding that the attacker had unauthorized access to the system for approximately four weeks. The compromised server stored sensitive data including names and Social Security numbers, primarily linked to academic coursework records for students and employment-related information for faculty and staff. While the intrusion provided a prolonged window for data exfiltration, Auburn University explicitly stated it found no evidence confirming the attacker accessed files containing personal information or any indication of actual or attempted misuse of the compromised data. The breach specifically impacted individuals affiliated with the College of Business, though the technical vulnerability enabling the attack was not detailed in public statements.

Upon identifying the breach, Auburn University immediately patched the exploited vulnerability to prevent further unauthorized access. The institution initiated an internal investigation to assess the incident's origins and scope while concurrently engaging an external computer forensics expert to conduct an independent examination. All 13,698 affected individuals received direct notifications detailing the potential exposure of their personal information and were offered one year of complimentary credit monitoring and identity theft protection services. The university's public communications emphasized the absence of confirmed data misuse but acknowledged the inherent risks associated with the exposure of Social Security numbers. The compromised server's data pertained to academic and employment activities within the College of Business, though the specific systems involved beyond the general server designation were not disclosed. Auburn University did not release additional technical details regarding the attack methodology or the identity of the threat actor.
