Missouri Southern State University & Graceland University suffered data breach

Graceland University said that there were three incidents in recent times, where an unauthorized user has gained access to employees' email accounts. The Graceland University said in a data breach notice published on Jun. 14, 2019, that an "unauthorized user gained access to the email accounts of current employees," on Mar. 29 as well as "from April 1-30 and April 12-May 1, 2019, respectively".

The Graceland University has discovered during breach investigation that "the personal information of some people who had interacted with these email accounts over the past several years was available during the time the unauthorized user(s) had access".

The university have not revealed how many records were exposed due to those unauthorized entry, but the Graceland University did say that information which might have been accessed as well as compromised during these incidents contain full name, date of birth, social security number, telephone number, address, salary information, email address, as well as financial aid information for the enrollment or the possible enrollment in Graceland.

Like Graceland University, the Missouri Southern State University (MSSU) too suffered recently from a data breach. MSSU revealed that employee 365 Office accounts were targeted in one phishing campaign.

Mike Olmstead, MSSU Director of News Services & Messaging, said that MSSU becomes a cybersecurity attack victim on Jan. 9, 2019. The cyber attack was triggered by the phishing email on Jan. 9, 2019. The phishing attack has made a number of victims among university's employees.

The MSSU responded quickly and hired a topmost forensic investigation company to look into this security incident and also to "block potential email exploitation, including a mass password reset of all employee Office 365 accounts."

Once the contents of impacted Microsoft Office 365 accounts were analyzed, the MSSU found that emails contain the first names and last names, home addresses, dates of birth, email addresses, social security numbers, and telephone numbers.

MSSU has notified the Attorney General's Office of Missouri and Federal Bureau of Investigation Cyber Crime Task Force about this incident. The University also worked diligently to inform all the impacted individuals, after the results of their investigation was communicated to the law enforcement. All the impacted individuals were mailed notification letters on Jun. 13, 2019. Moreover, the MSSU has offered all the impacted individuals complimentary credit monitoring for 24 months.

» SPAMfighter News - 7/4/2019