Algonquin College cybersecurity attack update

Posted on Monday, July 16th, 2018

OTTAWA — On May 16, Algonquin discovered unauthorized and illegal access by hackers on one server infected with malware.

The College acted immediately to re-establish the security of the server. Forensic experts were brought in to investigate the scope of the attack and the information compromised. The investigation determined that the infected server hosted access to databases which contained personal information.

The detailed forensic investigation currently underway has revealed no direct evidence that any data was actually accessed or taken in the cyberattack.

That analysis also shows that no financial information was exposed in the incident. For example, the data did not contain Social Insurance Number (SIN), banking or credit card information. The affected data also did not include any personal health information.

While there have been no reports of identity theft or other misuse, the College has identified 4,568 individuals – including students and alumni – whose information which may have been exposed was more detailed, including date of birth and home address. Those individuals were alerted via e-mail on Monday, July 16 and will be receiving a letter through Canada Post. Out of an abundance of caution, these individuals are being offered identify theft protection based on the College’s risk-assessment analysis.

An additional 106,931 individuals – including students, alumni, and current and former employees – had non-sensitive information that may have been exposed on the server. This information was assessed as presenting a low risk of misuse if in fact it were accessed. The College is in the process of contacting this second group by letter.

The College has set up a toll-free number for anyone with questions or concerns (1-866-252-2644 during normal business hours). They can also e-mail acadvisory@algonquincollege.com or visit our website (algonquincollege.com/cyber).

The College has implemented a number of additional security measures recommended by an external security consultant.

“We are committed to communicating with and supporting those affected – and addressing any concerns they might have,” said Algonquin College President Cheryl Jensen. “We are also focused on reviewing and improving security measures to help us guard against similar incidents.”

Algonquin has informed the Information and Privacy Commissioner of Ontario and the Ottawa Police Service so that they will be informed and able to assist individuals affected in the unlikely event that some misuse of information occurs.

The College’s website (algonquincollege.com/cyber) on the cyberattack features new FAQs and background information, and will be updated regularly.

The forensic investigation into this incident continues.

-30-

MEDIA CONTACTS

Ruth Dunley
Communications Manager
Algonquin College
613-727-4723 ext. 6452
dunleyr@algonquincollege.com

Chris Lackner
Communications Officer
Algonquin College
613-727-4723 ext. 2091
lacknec@algonquincollege.com


Comments

Comments are closed.