Illinois College Suffers Data Breach

An Illinois college is offering nearly free credit monitoring to over 1,700 current and former employees following a recent data breach.

Officials at the College of DuPage confirmed on Monday that a cybersecurity incident had taken place recently. 

College president Brian Caputo said that personal and tax information belonging to 1,755 staff had been compromised. Data exposed in the incident included 2018 W-2 tax forms.

Caputo told the Daily Herald that the likelihood of the exposed information's being obtained by criminals or used for fraudulent purposes was low.

"However, the responsibility to protect private information is taken very seriously," Caputo said in a statement. "Therefore, the college is notifying the affected individuals out of an abundance of caution."

In addition to issuing breach notifications, the Glen Ellyn college is offering credit monitoring and identity protection services to current and former employees free of charge.

Caputo added that in a bid to prevent any future breaches, additional procedural safeguards have been implemented. 

An investigation into how the breach occurred is yet to produce any conclusive results. The college has not stated when the incident occurred or when it was discovered, nor shared any details regarding how the sensitive data came to be exposed.

"College of DuPage sincerely regrets this unfortunate incident and apologizes for any concern it may cause," Caputo said.

News of the cybersecurity incident comes as the college implements an alternative instruction plan in the wake of the COVID-19 pandemic. So far, no cases of the novel coronavirus have been confirmed among students, faculty, or staff. 

Elsewhere in the state, attackers infected the website of Champaign-Urbana Public Health District in Illinois with NetWalker ransomware last Wednesday. 

The cyber-attack was timed to hit as Americans clamor for up-to-date health advice and information amid the spread of COVID-19. 

"The timing is horrible," said health department administrator Julie Pryde on March 11. “The public needs to know it’s being taken care of, and we’re still functioning."

With the department's website temporarily out of service as a result of the attack, CUPHD used its social media accounts to share information on the coronavirus. 

Fortunately, the health department's website was back up and running by March 12.

What’s Hot on Infosecurity Magazine?