FAYETTEVILLE, Ark. (KTHV) - The University of Arkansas' online computer store has been affected by third-party server hacking.
UA's chief financial officer said Thursday that hackers breached a third-party, Maine-based computer data server and exposed data stored for UA's computer store, which is an auxiliary unit that offers online shopping for hardware and software.
Officials say that on Tuesday, UA determined that the breach could affect as many as 1,007 computer store customers who made online-only transactions during the last four years. They're continuing to investigate and assume that once analysis is complete, the number affected will be smaller.
Currently, a review reveals that seven customers' complete credit card numbers were shown in the breached data server, with one customer being a unit of UA. No other authentication data were stored on the server for any customers.
Donald O. Pederson, vice chancellor for finance and administration, says no servers at UA were involved or breached. The third-party involved was located in Maine and handled online transactions for UA and other university computer stores.
"At this time specialists in Maine and in Arkansas continue to conduct forensic work on the breach," Pederson said. "Once that work is complete, we expect the number of exposed customer card numbers to be fewer - perhaps far fewer - than the 1,007 possibilities identified through the initial review."
"I must emphasize that the breach involved only this single, externally managed system that serviced the computer store's online transactions," Pederson said. "That system was taken offline on April 27 and will not be used again. No in-store transactions were affected. No University of Arkansas site was involved or affected by the compromised out-of-state server."
Source: UA News Release