2,500 students, alumni and staffers affected by University of Buffalo data breach
The University of Buffalo reported that about 2,700 students, alumni, faculty and staff accounts were compromised when a third-party vendor was breached.
The school said in a statement login credentials were compromised when an unnamed third-party vendor suffered a data breach. Those involved had their passwords and usernames exposed when they logged into a non-UB website using their school login information. The issue was discovered on May 12 and the school is still investigating which of the external website was involved.
“At this point, we do not have evidence that individuals’ financial, academic or private information was viewed or stolen; however we are contacting impacted individuals to make them aware of this issue and to inform them how to take precautions to protect themselves against possible misuse of their information,” UB Associate Vice President for Media Relations John Della Contrada said in a statement.
About 1,800 of those affected were students, 862 were alumni with the remaining 28 accounts belonging to staff and faculty. Della Contrada said to SC Media that all passwords have now been reset.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise