Cyber Incident Victim: Concordia University

Date: Mar 2016

Location: Canada

Summary

Concordia University discovered unauthorized keylogger devices installed on express workstations in its Webster and Vanier libraries, which are restricted to short-duration use. The university issued warnings to students and staff who accessed these terminals over a 12-month period, indicating potential exposure of login credentials and sensitive data, particularly from online banking activities. Affected individuals were urged to change passwords associated with institutional accounts as a precautionary measure.

Description

On March 21, 2016, Concordia University notified its community about a potential computer security breach involving unauthorized hardware devices discovered on campus workstations. The university identified keylogger devices—hardware capable of recording keystrokes—attached to express workstations in the Webster and Vanier libraries. These compromised terminals were designated for short-term use, limiting sessions to a maximum of 10 minutes per user. While the exact installation timeline remained unspecified, the university advised anyone who had accessed library workstations within the preceding 12 months to assume potential exposure. The discovery prompted immediate warnings to students and staff, emphasizing the risk of captured credentials and sensitive data. No information was disclosed regarding the total number of affected devices, the duration of the keyloggers' presence, or the method of detection.

The incident posed risks primarily to individuals who had entered passwords or financial information on the compromised terminals during the exposure window. Concordia specifically highlighted concerns about online banking credentials due to the potential for financial fraud. In response, the institution directed affected users to change passwords associated with university accounts and any other services accessed via the workstations, particularly recommending updates to banking credentials as a precautionary measure. The university’s public advisory did not confirm whether unauthorized data collection had occurred but treated the discovery as evidence of a deliberate attempt to harvest information. No additional technical containment measures, forensic findings, or perpetrator details were disclosed in the initial notification. The incident underscored vulnerabilities in publicly accessible computing infrastructure while leaving key operational questions about the breach’s scope and origins unanswered in the available public reporting.
