A hacker claimed to have collected 7 million Social Security numbers in July.
The university hasn’t explicitly confirmed it, but administrators discussed their investigation Tuesday.
A dark web dumping ground included details last month of the data breach involving University of Minnesota students dating back to 1989, the days of Nils Hasselmo, five university presidencies and 34 years ago.
"That is a significant risk to those individuals if it’s true," said Mark Lanterman, Chief Technology Officer for Computer Forensic Service.
The cybersecurity expert says he hasn’t tracked down student Social Security numbers or any other related data in the usual underground marketplaces.
But if it’s out there, he says this would probably be an unforced error by the university as it digitized the data.
"Why was this information, going back to 1989, stored on a computer that could be accessed by someone on the internet?" Lanterman asked.
Gopher alumnus Carlos Mostek says breaches always make him a little nervous, but based on what the hacker claims to have gotten his level of concern is low.
"Things like Social Security numbers, since the Equifax breach a few years ago, I think it’s like," he said as he shrugged his shoulders. "It’s probably out there already anyway."
Mostek says every breach is a reminder for people to use multi-factor authentication, so hackers can’t pry loose any other accounts, and for organizations to invest in cybersecurity.
"It seems inevitable that companies are going to be under one form of attack or another," Mostek said.
Lanterman says organizations should conduct data audits to review what’s being stored and why.
And he says every day people should freeze their credit to protect themselves.