The full letter of notification is here.
The warning stems from a recent discovery that a current employee’s computer was infected with a particularly sophisticated virus that is typically used to capture login credentials. The University’s Information Security Office says it is unlikely that other files containing personal information were accessed. However, officials felt that it was best to be cautious, even with just a slight possibility of identity theft.
Those who may have been affected include individuals employed by the University between 2002 and 2006.
The campus urged individuals who may have been affected to take steps to protect themselves from identity theft. The recommendation was to place a fraud alert with one of three credit reporting agencies, and to examine the resulting free credit reports for irregularities. Anyone spotting irregularities should contact one of the agencies or file a report with local law enforcement.
The University also apologized to those who may have been affected, and said it was taking steps to reduce the likelihood of such an incident happening again.
Anyone who may have been affected and has additional questions may contact the HSU Information Security Office at (707) 826-3815.