Cyber Incident Victim: University of Alaska
Date:
Feb 2018
Location:
United States of America
Summary
A data breach at the University of Alaska compromised approximately 50 current and former employees and students after unauthorized third parties altered user passwords, rendering victims unable to access their institutional accounts. The incident disrupted critical services including Blackboard Learn, university email systems, and UAOnline platforms. Security teams from the university's Office of Information Technology and campus IT departments launched an investigation upon receiving reports of account access issues, confirming external manipulation of credentials as the cause. No additional systems or personal data types beyond account credentials were explicitly reported as impacted in the disclosed details.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around February 22, 2018, the University of Alaska (UA) experienced a data breach impacting current and former employees and students. The incident was initially detected when users began reporting they could no longer access their password-protected Alaska.edu accounts. This disruption affected critical university systems including Blackboard Learn (the learning management platform), Google Mail (email services), and UAOnline (the administrative portal for student and employee functions). University officials confirmed unauthorized access had occurred, with 50 individuals having their accounts compromised. The university system’s Office of Information Technology, alongside campus-specific IT and security teams, immediately launched an investigation into the incident.
The investigation determined that a third party had altered user passwords, directly causing the account lockouts and service disruptions. While the exact method of initial compromise wasn’t disclosed, the password changes by unauthorized actors confirmed the breach of account credentials. The university did not specify whether personal data beyond account access was exfiltrated or misused. Response efforts focused on restoring legitimate user access to affected accounts and securing systems against further unauthorized activity. No additional technical details about the attack vector, duration of unauthorized access, or identity of the third party were released publicly at the time of the initial reporting. The incident highlighted vulnerabilities in account management processes, prompting internal reviews by university IT security personnel.