Weather Forecast


Grand Forks snowfall hits 3 inches ... and mounting


NDUS warned about IT security in 2011, uncertain whether flaws linked to recent system hack

Email Sign up for Breaking News Alerts
News Grand Forks,North Dakota 58203
Grand Forks Herald
(701) 780-1123 customer support
NDUS warned about IT security in 2011, uncertain whether flaws linked to recent system hack
Grand Forks North Dakota 375 2nd Ave. N. 58203

More than two years before the recent North Dakota University System server breach, in which the personal information of more than 290,000 students, faculty and employees was potentially accessed, an audit that showed there were several areas of high risk.


One of them was IT security.

University System spokeswoman Linda Donlin said in an email she “couldn’t speculate” on whether the hack had anything to do with holes in the system from 2011, as the investigation is ongoing.

The audit, performed by the firm LarsonAllen, cited “shadow systems” that were able to be used by outside parties, as well as employees with “additional access than what is needed based on job responsibility.”

At the time, the University System proposed reviewing employee roles to perhaps change their level of access and developing a “recommendation to help establish procedures for identifying, cataloging and coping with data collections and systems,” such as shadow systems.

In other words, they were going to work on it.

Donlin said in the email that since then, the University System has implemented programs to eliminate some shadow systems, reviewed and restricted some user access to certain sensitive information and provided threat detection services to University System Internet links at state agencies, political subdivisions and K-12 schools.

“Security of our system and protection of our data is of the utmost importance to us,” Donlin said. “It is something we must be ever-vigilant about as criminals like this are always looking for ways to commit their crimes.”

The University System said the recent server hack, which went on for four months before being noticed Feb. 7, was used as a launch pad to access other servers and have no evidence any personal information was used or stolen.

The University System  is offering free identity protection services through AllClear ID for the next year and have opened a call center to answer any questions about the incident. The call center can be reached at (855) 711-5990 from 8 a.m. to 8 p.m. Monday through Saturday.

Anna Burleson
Anna Burleson is the higher education reporter for The Grand Forks Herald. She is a 2013 graduate of the University of South Dakota's Mass Communication program and is originally from Watertown, S.D. Contact Burleson with story ideas or tips by either phone, email or Twitter, all of which are listed below. More examples of her work can be found at
(701) 780-1114