Cyber Incident Victim: University of Wisconsin-Parkside
Date: Mar 2014
Location: United States of America
Summary
Malware was discovered on a University of Wisconsin-Parkside server containing personal information of approximately 15,000 admitted or enrolled students, including names, addresses, telephone numbers, email addresses, and Social Security numbers. The compromised server was immediately shut down upon detection, with law enforcement notified and an investigation initiated alongside a security consultant; impacted individuals received notifications despite no evidence suggesting data exfiltration or identity theft motives. The institution maintained that the likelihood of sensitive information being misused remained low while committing to preventative measures against future incidents.
Description
On March 16, 2014, University of Wisconsin-Parkside technology services staff discovered malware during routine maintenance on a university server storing personal information of approximately 15,000 students. The compromised data included names, addresses, telephone numbers, email addresses, and Social Security numbers belonging to individuals admitted or enrolled at the university beginning in fall 2010. University officials immediately shut down the affected server upon detection and reported the incident to law enforcement. An investigation was initiated with assistance from a computer security consultant to determine the scope and origin of the breach. While the malware's presence created potential exposure of sensitive information, investigators found no evidence that any data had been copied or exfiltrated from the system. Analysis suggested the attacker's objectives did not appear to center on identity theft, though the exact motives remained unspecified.

The university began notifying all potentially impacted students on March 27, 2014, eleven days after the initial discovery. In its public notification, UW-Parkside emphasized its assessment that the likelihood of sensitive data being misappropriated was remote based on forensic findings. Chief Information Officer Ilya Takovlev stated the institution had a responsibility to conduct a thorough investigation while implementing measures to prevent recurrence. No additional system compromises were identified during the investigation beyond the single infected server. The breach notification did not disclose technical details about the malware variant involved or the duration of unauthorized access prior to detection. Students received guidance through official university channels but no public reports indicated follow-up incidents related to this specific compromise.
