University of Rochester

University of Rochester Requests Password Changes Because of Vendor's Database Incident

May 11, 2012

A computer server at the University of Maine, which held some identifying information for customers of the University of Rochester's computer store, was breached by hackers on April 27. The affected database contained the name, address, email address, and network ID and password for about 2,100 people connected to the University of Rochester.

No Social Security numbers or credit card numbers of Rochester customers were stored on the University of Maine computer. As a preventive measure, the University of Rochester has already contacted all individuals whose names were found on the Maine server, asking them to change their official University of Rochester passwords by May 14.

When the breach was discovered, local and state law enforcement officials in Maine began investigations and asked federal officials to join the effort. The investigations continue.

The University of Maine had operated online shopping cart services for computer stores at several U.S. universities, including Rochester, for more than 10 years.

The University of Rochester has discontinued use of the University of Maine service and has requested that the University of Maine remove all names and information on University of Rochester affiliated people. The University of Rochester is continuing its internal security procedures to support its network processes and systems.