University of Delaware officials identify cause of cyber security breach

    University of Delaware (UD) officials have identified the cause of the cyber security breach that resulted in the theft of confidential information of 72,000 current and former employees.

    According to the university’s IT Associate Director Karl Hassler, the breach occurred within third-party software.

    “It was a vulnerability of software we acquired from a vendor in the Java programming suite so that was zero-day vulnerability and the hackers exploited that,” said Hassler.

    UD is working with the FBI and a private security forensics firm to identify the hackers.

    Damage control and quick solutions

    In the mean time, files containing the names, addresses and social security numbers of 72,000 current and former employees are in the hands of an illegal party.

    The university is offering three years of credit monitoring to those affected.

    Along with credit monitoring, Mark Hufe, director of the Center for Cyber Security at Wilmington University says there are additional steps online users can take to prevent a cyber hack.

    “Secure passwords, keep your antivirus software updated,” said Hufe. “Do all your software updates. Those updates come out because people find vulnerabilities.”

    He also says to look for abnormal wording in emails and never open a suspicious attachment.

    Want a digest of WHYY’s programs, events & stories? Sign up for our weekly newsletter.

    It will take 126,000 members this year for great news and programs to thrive. Help us get to 100% of the goal.