THE INCIDENT AND ACTION BEING TAKEN
While investigating a computer virus, on September 17, 2009, Cameron University discovered that some of its network computers may have been infected by additional potentially harmful computer code. An investigation revealed that the code was part of another computer virus. If complete, this virus creates the potential for access of computer files, including personal information, by computers outside of the secure network. Immediately upon discovery, the University engaged the University of Oklahoma Data Discovery and Digital Forensic Services to restore security and eliminate potential for outside access. The University also advised the appropriate agencies so that necessary investigation could be initiated. There is no evidence that any personal information has been acquired, misused, duplicated or distributed.
The University is not aware of any misuse or conversion of personal information or of any identity theft as a result of the situation; however, as a matter of extreme caution, it is recommended that you contact your banks, financial institutions and credit card companies to ensure that your information has not been compromised.
IF MY INFORMATION WAS AMONG THE FILES, DOES THIS MEAN I AM A VICTIM OF IDENTITY THEFT?
No. The fact that someone may have had access to your information does not mean you are a victim of identity theft or that they intend to use the information to commit fraud. We wanted to let you know about the incident so that you can take appropriate steps to protect yourself.
HAS MY INFORMATION BEEN USED TO STEAL MY IDENTITY?
At this time, we have no indication that any information was improperly accessed or has been used for illegal or malicious purposes. However, the potential risks associated with identity theft are serious matters, and that is why we have contacted affected individuals and the appropriate agencies.
WHAT IS CAMERON DOING TO PREVENT THIS FROM OCCURRING AGAIN?
The University added additional safeguards and protocols to ensure the security of the network, and has removed and is completely reconfiguring affected machines.
WILL CAMERON CONTACT ME TO ASK FOR PRIVATE INFORMATION BECAUSE OF THIS EVENT?
In similar situations at other institutions, people have reportedly been contacted by individuals claiming to represent the university and who then proceed to ask for personal information, including social security numbers and/or credit card information. Please be aware that Cameron will only contact you about this incident if additional helpful information becomes available. We will not ask you for your full social security number. We will not ask for credit card or bank information. We recommend that you do not release personal information to any contacts of this nature that you have not initiated.
WHAT SHOULD I DO?
You should carefully review any bills that you receive in the near future, including credit card transactions, to ensure that the charges associated with your accounts are accurate. For additional information about requesting free initial fraud alerts and information of identity theft, please visit: http://www.cameron.edu/its/faq_identity_protection
John M. McArthur