Security breach found in KUNI computer system

Posted on Monday, April 18th, 2005

John Hess, director of broadcasting services, (319) 273-6406
Garry Bozylinsky, associate vice president for information technology, (319) 273-7779
James O'Connor, University Marketing & Public Relations, (319) 273-6728

CEDAR FALLS, Iowa -- A security breach was recently detected in the computer system that serves Public Radio KUNI/KHKE at the University of Northern Iowa (UNI). Among other things, the server contains information about donations to the Friends of KUNI/KHKE, including donor data such as name, address, phone number, pledge amount and credit card number.

'The breach was detected during routine monitoring,' said John Hess, UNI director of broadcasting services. 'We immediately took steps to fix the problem and increase security. After a comprehensive investigation including computer experts from UNI, our software vendor, and Microsoft, we found no evidence to suggest personal information was accessed.

'However, given the serious nature of the breach, we sent a letter to all our listeners who, prior to the breach, used a credit card to support the Friends of KUNI fund drives. This precautionary advisory provides suggestions about monitoring credit card records to ensure their accounts have not been tampered with.'

If donors find suspicious activity with their credit card account, they should immediately notify the bank or other organization that issued the card.

'No other UNI systems were breached, but we are double-checking all other university systems that contain sensitive information to ensure they are following appropriate security procedures.' said Garry Bozylinsky, associate vice president for information technology. The incident remains under investigation.