Virus accesses Salem State University database containing personal information for thousands
Twenty-five thousand current and former staff and student workers at Salem State University may have had their personal information compromised after a virus accessed a school database, school officials said.
Though the school is not aware anyone’s information was used maliciously, the administration determined it was best to notify all possible involved parties, said Tom Torello, vice president of marketing and communications at Salem State.
“We just wanted to be careful and let them know the possibility is out there that their information could have been compromised,” Torello said.
The school’s virus software was able to detect the Feb. 19 breach as it occurred, Torello said. Once detected, the school brought in forensic experts to address the breach; the school then notified those affected, Torello said.
A letter from the president of the university was sent March 11 to all 25,000 people with information in the affected Salem State human resources department computer database, Torello said.
Torello said that to the best of his knowledge, the database includes only current and former staff and student workers.
Brian Shaughnessy, a 1984 Salem State master’s program graduate, received the letter from the president in the mail Thursday. He said he did not recall working at the university, nor ever applying for a job there.
“With all that’s been in the news lately, it’s unsettling to receive a letter like that,” Shaughnessey said.
Just this week, news broke that many high-profile individuals, including Jay-Z and Michelle Obama, had their personal information stolen and posted online.
Torello said Salem State worked with Experian, a credit information company, to provide an identity protection subscription free for a year to those affected and to help them assess further steps to protect their personal information. Experian did not immediately return a call for comment Friday afternoon.
Shaughnessey, a Kennebunk, Maine resident, said he was considering registering for the identity protection program.
Though it appears no one’s information was compromised by the data breach, Torello recommended enrolling.
“This is such a common occurrence,” Torello said.
“Salem State’s just one of the ones on the long list,” of organizations falling victim to data breaches, he said.Lauren Dezenski can be reached at firstname.lastname@example.org