This is an archived article that was published on sltrib.com in 2014, and information in the article may be outdated. It is provided only for personal research purposes and may not be reprinted.
Personal information of as many as 1,200 students, faculty and staff at Weber State University may have been compromised during multiple possible break-ins to computer labs.
A WSU student was charged July 29 in the incident. The burglar broke in after-hours to the Science Lab Building and Building 4, said Bret Ellis, vice president for Information Technology. Ellis said he doesn't know for sure, but the suspect most likely broke in multiple times from January to April 2014.
"There were 1,200 individuals that were potentially compromised," Ellis said. "We believe it was way less than that. We're just trying to be extremely safe."
The suspect was unsuccessful in accessing information in one lab, but could have obtained private information in a public computer lab commonly used by students, faculty and staff.
Ellis said he was not an employee or person of trust and does not know the reason of the hacking. The suspect could have accessed personal and financial information, but, "there's no indication to suggest that that was the intent of the individual," Ellis said.
"There's some indication that they were trying to get access to exams," Ellis said about the suspect. "But that's not completely clear and to what extent."
The university began mailing letters Aug. 4 to the 1,200 people possibly affected, advising them to change passwords and offering credit monitoring services. An initial assessment indicates that routine security measures would have already prompted most of those people to change their passwords.
"The most important part is to emphasize to users students, faculty and staff the importance of keeping password distinct and separate," Ellis said. "If I had been one of the users, if my password was the same for my personal accounts and financial accounts, I would be very concerned."
Ellis said it's important to change passwords frequently. He said the system at WSU forces users to update passwords every 120 days.
Allison Barlow Hess, a WSU spokeswoman, said it's the school's operating policy, though not an official one, to not release any student names related to crimes, instead letting those who file charges release the names.
The Weber County Attorney, Dee Smith, with the case information, could not be reached Wednesday.