The suspect was unsuccessful in accessing information in one lab, but could have obtained private information in a public computer lab commonly used by students, faculty and staff.
Ellis said he was not an employee or person of trust and does not know the reason of the hacking. The suspect could have accessed personal and financial information, but, "there's no indication to suggest that that was the intent of the individual," Ellis said.
"There's some indication that they were trying to get access to exams," Ellis said about the suspect. "But that's not completely clear and to what extent."
The university began mailing letters Aug. 4 to the 1,200 people possibly affected, advising them to change passwords and offering credit monitoring services. An initial assessment indicates that routine security measures would have already prompted most of those people to change their passwords.
"The most important part is to emphasize to users students, faculty and staff the importance of keeping password distinct and separate," Ellis said. "If I had been one of the users, if my password was the same for my personal accounts and financial accounts, I would be very concerned."
Ellis said it's important to change passwords frequently. He said the system at WSU forces users to update passwords every 120 days.
Allison Barlow Hess, a WSU spokeswoman, said it's the school's operating policy, though not an official one, to not release any student names related to crimes, instead letting those who file charges release the names.
The Weber County Attorney, Dee Smith, with the case information, could not be reached Wednesday.