UA’s Online Computer Store Affected by Hackers
The University of Arkansas’ chief financial officer said Thursday that hackers breached a third-party, Maine-based computer data server and exposed data stored for the University of Arkansas Computer Store, a university auxiliary unit that offers online shopping for computer-related hardware and software.
On Tuesday, the university determined that the breach could affect as many as 1,007 computer store customers who made online-only transactions at some time during the past four years, according to a news release from the university.
University officials believe that once it completes its analysis, the actual number of affected customers will be smaller.
At this time, a review shows that seven customers’ complete credit card numbers were located in the breached data server, with one customer being a unit of the university. Significantly, no security codes or other sensitive authentication data were stored on the server for any customers, officials said.
Donald O. Pederson, vice chancellor for finance and administration, said the security breach affected a computer server configuration maintained at the University of Maine in Orono, which for several years provided hardware and software support for online computer sales and related transactions on behalf of several universities.
Pederson emphasized that no servers at the University of Arkansas were involved or breached. The breach had no effect on in-store purchases at the University of Arkansas Computer Store.
University officials became aware of an alleged breach on Friday, April 27, and immediately consulted with the service provider, forensic investigators and law enforcement to determine what data, if any, might have been affected. The university will work to ensure that affected cardholders receive notice of the breach.