NewsOK reports:
The University of Oklahoma Health Sciences Center announced Monday that a College of Nursing Web server was compromised.
University personnel discovered the security breach Oct. 20, according to a news release. While working to recover the system on Nov. 3, they learned the compromise could have enabled unauthorized access to sensitive data.
University officials have not found evidence of any unauthorized access to data.
Personally identifiable information about students who applied to or attended the College of Nursing from 2005 to the present was vulnerable to unauthorized access. The data included identifiers such as name, address, date of birth and, for some applicants and students, Social Security numbers.
Read more on NewsOK.
Update: The uni’s media notice:
Monday, December 8, 2014
The University of Oklahoma Health Sciences Center announced today that on Oct. 20, 2014, University personnel discovered that a College of Nursing web server had been compromised. While working to recover the system on Nov. 3, 2014, personnel learned that the compromise could have enabled unauthorized access to sensitive data. The University has not found evidence of any unauthorized access to this data.
Personally identifiable information about students who applied to or attended the College of Nursing from 2005 to the present was vulnerable to unauthorized access. The data included identifiers such as name, address, date of birth and, for some applicants and students, Social Security numbers.
Out of an abundance of caution, the College of Nursing is offering a paid one-year subscription to identity theft protection services to those applicants and students whose Social Security numbers may have been accessed. Current students will receive instructions from the College regarding how to access the services. Former students and applicants may contact the College at (405) 271-2478 or by completing this survey for more information.
The University takes seriously its obligation to protect its students’ information. In response to this incident, the compromised system was taken offline, and the web site was transitioned to a new system with additional access restrictions in place. OU officials have notified law enforcement of this incident and will cooperate with any resulting investigation.