May 2, 2006
Data Theft Update: McCombs School Responds to Computer Breach

In the wake of a computer data theft, the McCombs School has worked hard to notify and respond to those who may have been affected. The security breach, discovered April 21, may have exposed the personal information of thousands of faculty, staff, students, alumni, corporate recruiters and applicants for admission to an external intruder.

Last week, the McCombs Data Theft Web site had about 56,600 unique visitors as McCombs and University constituents learned about the data theft and what action to take. In addition, the Information Technology Services (ITS) call center, which is staffed by the University’s ITS Help Desk, answered questions from nearly 4,000 callers.

By last Wednesday, the McCombs School Response Team was formed to respond to the hundreds of McCombs constituents who contacted the school with questions about the data theft. As of this morning, the Response Team has contacted 1,664 people by e-mail and 370 people by phone. (All communications about the security breach to people outside of the school should be coordinated through the Communications Department.)

In addition, the University is working to prepare notifications to anyone whose records were accessed in any fashion. However, if you have not yet registered a fraud alert through one of the three credit monitoring agencies, we strongly recommend you take this step as soon as possible to protect yourself from identity theft.

At this time, the University is working with law enforcement officials to identify the attacker(s).

Unfortunately, this type of security breach is not an isolated incident. Within the last year, information security breaches have been reported at more than 50 universities, including Notre Dame, Duke, Stanford and the University of Southern California. Universities may be more vulnerable because databases are designed to be easily accessed by students, faculty, staff and alumni.

“Thefts such as this are reprehensible, and we sincerely regret the inconvenience and worry this may cause those who are so important to us,” said George Gau, dean of the business school. “The McCombs staff members who are dealing with this data theft are doing an excellent job. From the computer services team who is directly involved in the investigation to the people who are responding to our constituents quickly and efficiently, everyone’s efforts during this time are appreciated.”

While many of the messages from potentially affected individuals expressed concern about the security of their information, some McCombs constituents have also conveyed appreciation for the response efforts. Here are a few that were sent by e-mail:

“You’ve probably been getting lots of stressed-out emails, but I just wanted to say thanks for handling all of this in an efficient, transparent and professional manner.” –MBA ’06

“You are to be commended for going public and             proactive ASAP. Thanks.” –BBA ’73.

“As a former student…I just want to say thanks for your efforts in being proactive in this situation—not a pretty subject, but everything that has been done to date has been professional and first-class. Everybody within the school of business and the university has been out in front of this issue, getting the press releases out and the media notified in order to spread the word to those alumni, etc. that might be affected.” –BBA ’83