University of Maine invests $2.6 million to close information security gaps

The University of Maine will spend the money to plug information security gaps discovered after an audit of the university’s IT systems, according to Rebecca Wyke, the university’s vice chancellor for finance and administration. The audit of IT systems found four areas of high risk and three areas of medium risk, according to a report in the Bangor Daily News.

At the same time, the audit showed that 78% of the university data systems were “clean”, Wyke said.

“We must address IT problems when they arise and prevent ongoing vulnerabilities by putting additional protections in place,” she was quoted by the newspaper as saying.

In June, the university disclosed that hackers had accessed the counseling center’s servers, which contained personal information on 4585 students and alumni who visited the center between Aug. 8, 2002, and June 21, 2010. This information included birth dates and social security numbers.

“This is a serious breach, and we are profoundly sorry that this has happened”, said Robert Dana, dean of students at the University of Maine. “There is no indication that data were viewed, compromised or downloaded from either of these servers, but we are operating according to a worst-case scenario,” he added.

The university informed affected individuals by letter and engaged Debix to monitor their credit activity. It also hired Protiviti to conduct an investigation of the data breach.

What’s hot on Infosecurity Magazine?