Following unauthorized access, StarID passwords need to be reset
Faculty, staff and student StarID passwords are set to expire at 11 p.m., Friday, June 23, 2017 as a precautionary measure following the unauthorized access and release of data from a MSUM computer server in early June. An unauthorized party accessed non-sensitive but private data on students, as well as public information on faculty and staff. No financial information, passwords, social security numbers or academic records of faculty, staff or students were stored on the server or were accessed.
The first and last names, preferred first and last names, and StarID and Dragon ID numbers of approximately 800 faculty and staff were accessed without authorization. By law, these are public records on employees. The same information on approximately 8,000 students was also accessed. Student StarID and Dragon IDs are defined as limited directory information and are therefore private data on students. A fraction of the data accessed has been posted on various third party’s website.
The affected server has been taken off-line and MSUM and Minnesota State IT security staff are continuing their investigation.
Affected faculty, staff and students will be sent an email with directions on how to reset their StarID passwords. After a password has expired, individuals will need to set a new password before accessing services that require a StarID. Students will also be notified of this event by mail, as required by law.
Minnesota State University Moorhead regrets this incident and any inconvenience it may cause. We make every effort to protect private data and to being transparent in our actions. If you have further questions related to this incident, please contact Dan Heckaman at daniel.heckaman@mnstate.edu or 218 477-2300.