One of the Brandon University servers was hacked over the Thanksgiving long weekend.
Brandon University President Dr. Deborah Poff stated in an email sent to students and administration on the morning of Friday, October 18th that the university had received evidence confirming access by an unauthorized individual of one of the forty servers in the computer system on Monday, October 14th.
Read more on The Quill. The Brandon Sun reports that the hacker was the one to notify the university of the breach, but the article is behind a paywall. It’s not clear from the available coverage what information the hacker may have viewed or downloaded.
Update: CBC.ca has more details of note:
The university sent out another release on Wednesday, telling students student applications from 2004 to 2009 had been accessed by the hacker, and the university was investigating exactly what happened.
Officials said a “test database” that had real and fake student information was being used to develop new web tools for the university and that database was what was accessed.
They assured students no financial information or academic records were involved in the security breach, but conceded that social insurance numbers, names, birth dates and other information was stored in the database.
Ugh. How many times do entities need to be told not to use real data in test databases. And yet….