East Central University, located in Ada, Oklahoma, encountered a targeted cyberattack in February, as disclosed in a notification letter to stakeholders. While the attack did not succeed in compromising critical university services, it managed to infiltrate various campus computers, raising concerns about data security and integrity. ECU’s IT department promptly mobilized a third-party cybersecurity response team to contain and mitigate the assault, initiating incident response protocols to assess the attack’s extent, fortify defenses, conduct forensic analysis, and gain visibility into the campus network and systems.
Simultaneously, ECU took proactive measures to address the breach’s impact, including password resets, critical service evaluations, and the implementation of an incident response strategy. The university also prioritized communication with its community, utilizing internal channels such as direct email updates, mandatory forums for employees, and optional public forums for students to provide information and address concerns. Additionally, ECU created a dedicated webpage with FAQs and established a designated email address and phone number for individuals seeking further clarification or expressing concerns.
Despite ongoing investigations, ECU remains vigilant in assessing the extent of data compromised during the attack. While no evidence suggests unauthorized access or data theft, the university recently discovered that a certain number of individual names and Social Security numbers may have been accessible to the cybercriminal group. As the investigation continues, ECU is committed to providing transparent updates to its community and ensuring the security of its systems and data.
