Thousands of UB community members’ account information have been hacked.
On Friday, UB confirmed that J. Brice Bible, vice president and chief information officer, is investigating and responding to a breach of external third-party accounts that comprised the login information for 2,690 UBITName accounts. The breach affects 1,800 student accounts, 862 alumni accounts and 28 faculty and staff accounts, according to UB spokesperson John Della Contrada.
“Our initial investigation indicates that the affected individuals’ login information was stolen when they visited a non-UB website and entered their university login information,” Della Contrada said in a statement.
“As soon as the issue was discovered, the university took immediate steps to address the problem, secure data and mitigate the risks. Information security is a daily priority at the university and we take protection of personal information very seriously.”
Students, alumni, faculty and staff can change their password online or in person at the two UBIT help centers or at 1Capen through May 22.
On Thursday, the affected account users received emails about the breach. The UBIT help center and the registrar's office are notifying impacted account users by email and phone. UB does not have any evidence of financial, academic or private information being viewed or stolen, according to Della Contrada.
“This incident provides an opportunity to remind members of the university community that they should protect and secure their information every day and should not using the same UB username and password for external services or websites,” Della Contrada said.
Della Contrada did not respond to whether accounts have or haven't been breached in the past.
Benjamin Blanchet is the senior features editor and can be reached at email@example.com and @BenjaminUBSpec.
Benjamin Blanchet is the senior engagement editor for The Spectrum. His words have been seen in The Buffalo News (Gusto) and The Sun newspapers of Western New York. Loves cryptoquip and double-doubles.