Thousands of Tufts University alumni have received letters over the past few days warning about a computer security breach that may have left their social security numbers and other personal information exposed.
According to school officials, several computers were exposed to an unknown virus or malicious software program. The computers contained old student files and they may have been downloaded.
Read more on Blast.
As of the time of this posting, there doesn’t seem to be any notice on Tuft’s web site.
Updated June 9: Tuft’s May 21 and June 3 notifications to the New Hampshire Attorney General’s Office are available on the web, here. The May 21 letter describes the malware as a variant of Torpig and describes the timeline by which Tufts became aware of the problems and the forensic steps they immediately deployed. I think that their notifications are a useful example of clear writing and how to provide solid information.