The Penn State College of Engineering has been the target of two “highly sophisticated” cyber attacks, university officials announced on Friday.
University officials were first notified of the attacks by the FBI last November, which began a large-scale investigation into the scope and origin of the hacks. According to a Penn State news release, university officials do not believe any research data, social security numbers, credit card information or other personally identifiable information had been stolen.
However, some of the affected machines included files that stored social security numbers of about 18,000 people, whom Penn State has already notified of the security breach.
“This is an incredibly serious situation, and we are devoting all necessary resources to help the college recover as quickly as possible; minimize the disruption and inconvenience to engineering faculty, staff and students; and to harden Penn State’s networks against this constantly evolving threat,” Penn State President Eric Barron says in a letter released on Friday.
University officials say they began an investigation as soon as the FBI tipped them off. The investigation was kept under wraps so the hackers would not realize they had been discovered. The first illegal access of Penn State’s engineering network reportedly dates all the way back to September 2012, and at least one of the attacks is believed to have originated in China.
Nick Bennett of the Mandiant cyber security firm calls these kind of attacks “the new normal” in a news release, and explains that all large institutions, companies and governments are constantly at risk. Mandiant is currently working with Penn State to investigate the hacks and strengthen the university’s security systems.
The College of Engineering’s computer network is currently disconnected from the internet, and is expected to be offline for several more days. Every student who has ever taken an engineering course, as well as all engineering faculty and staff, must change their Penn State passwords. Additional information for students, faculty and staff can be found here.
“In several days, our College of Engineering will emerge from this unprecedented attack with a stouter security posture, and engineering faculty, staff and students will need to learn to work under new and stricter computer security protocols,” Barron says in his letter. “…This is a new era in the digital age, one that will require even greater vigilance from everyone.”
University officials are expected to release additional details at a news conference on Friday afternoon.
POPULAR STORIES:
One Year Later, Woman’s Disappearance Still a Mystery
Child Rapist Declared Sexually Violent Predator, Sentenced to Decades in Prison
A Shovelful of Dirt: State High Takes First Step into the Real World
Fran Fisher’s Biggest Fans Were Bill O’Brien and James Franklin… And the Feeling Was Mutual
Penn State Student Allegedly Breaks Into Same House Twice, Falls Asleep Both Times
