Cyber Incident Victim: University of Nebraska at Omaha
Date:
May 2014
Location:
United States of America
Summary
The University of Nebraska Omaha experienced unauthorized access to an administrative server within its campus security department, discovered during a routine security scan. The compromised server contained files with personal information, including Social Security numbers, prompting an investigation involving law enforcement and a specialized data security firm to assess the breach's scope. The institution removed the affected server from service, initiated forensic analysis, and developed plans to directly notify potentially impacted individuals while establishing dedicated communication channels for updates and inquiries.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In May 2014, the University of Nebraska Omaha (UNO) initiated an investigation into unauthorized access to an administrative server managed by its campus security department. The breach was discovered during a routine security scan conducted in the week preceding May 16, 2014, though the exact date of initial intrusion remained unspecified. The compromised server housed files containing sensitive personal information, including Social Security numbers. UNO immediately removed the affected server from service to prevent further unauthorized access and engaged law enforcement authorities to assess whether any individuals' data had been exfiltrated or misused. The university concurrently retained a specialized data security firm to conduct forensic analysis, aiming to determine the intrusion's methodology, timeline, and scope. UNO's Chief Information Security Officer, Matt Morton, publicly acknowledged the incident on May 16, emphasizing the institution's commitment to resolving the breach while withholding specific details pending the ongoing investigation.
The university developed a communication strategy to notify potentially affected individuals once forensic investigators established the breach's parameters, though no timeline for notifications was provided. UNO established a dedicated webpage (www.unomaha.edu/about-uno/information-security-alerts.php) and email address ([email protected]) to disseminate updates and field inquiries. Morton advised vigilance regarding personal information irregularities, directing individuals to report suspicious activity to the FBI's Internet Crime Complaint Center (IC3) or the Federal Trade Commission's Identity Theft division. While UNO committed to creating a toll-free service center if warranted by the investigation's findings, no confirmed evidence of identity theft or fraudulent activity stemming from the breach had been reported at the time of disclosure. Law enforcement involvement continued as the forensic examination sought to reconstruct the attack vectors and quantify potential data exposure.