OSU reports Ecampus cybersecurity breach; info may have been exposed

CORVALLIS, Ore. – Oregon State University announced Thursday that personal information of some students and faculty may have been exposed during a recent IT security incident.

A cybercriminal accessed an OSU Ecampus server that contained student and faculty directory information such as email addresses, phone numbers and mailing addresses, the school said. No Social Security numbers were compromised in the incident. Ecampus is the university’s online education program.

“We take these matters very seriously,” said Steve Clark, Oregon State’s vice president for university relations and marketing. “While we have no indication at this time that the personal information was seen or used, OSU has notified these students and faculty members of this incident. And we have offered information about support services that are available, including credit monitoring services that the university will enable at no cost.”

Clark said Oregon State has taken measures to remediate the vulnerability and prevent future incidents like this from occurring. The server is back in operation with these measures in place.

“We will continue to monitor such efforts and systems, and take further steps to protect the university’s information technology and sensitive data,” he said.

Students and faculty members seeking more information about this matter may call 541-713-0400 between 8 a.m. and 5 p.m. Pacific time Monday through Friday.