Students informed of SFU community data security breach

By: Gurpreet Kambo, News Editor

A security breach caused SFU’s Chief Information Officer Mark Roman to send out an email to SFU students on the morning of March 2, 2020. According to the email, all SFU community members who joined SFU before June 20, 2019 are affected by the breach.

“We deeply regret this incident, are working diligently to contain the situation and are committed to helping mitigate the potential risks and harm to our faculty, staff, students, alumni, and retirees,” stated Roman, in the email.

The breach was a ransomware attack that occurred on February 27 and was amended by SFU on February 28. The exposed system is once again secure.

According to the email, the data that was potentially exposed includes:

SFU Computing ID
SFU student/employee ID number
First, last and preferred names
Birthdate
Employee group
Mail lists which the SFU Computing ID belongs to
Course enrollment
External email address
Data from web forms (list of forms available on IT Services web site)
Encrypted passwords were also exposed.

It goes on to state that the risks related to the breach may include identity theft, unsolicited emails, and risk of additional personal information being exposed as a result of the first breech.

SFU is still in the process of assessing the risk and responding accordingly. The email lists the steps that SFU is taking as a result of the breach. These include notifying those who were exposed, assisting individuals upon request, further investigating the breach, reviewing security and operating procedures, and reporting the breach to BC’s Office of the Information and Privacy Commissioner.

The email urges SFU community members to immediately change the passwords to their SFU Computing IDs, and to monitor their personal accounts on an ongoing basis.

In an emailed statement to The Peak, SFSS VP University Relations Shina Kaur stated that: “I sent an email to Mark Roman requesting the SFSS be briefed on this matter. Particularly what the implications are and what SFU is doing to prevent this from happening in the future.”

Kaur continued: “Regarding the incident, it’s extremely unfortunate that this happened but I am glad it seems to be resolved. I would recommend everyone to change their SFU password just to be safe.”

She added that Roman’s office is presenting to the SFSS Board of Directors this coming Wednesday, after which she will have additional information to share with students.

The Peak has reached out to Roman regarding the breach, and will update this post accordingly.

SFU Canadian Cancer Society hosts 12th annual Relay for Life

Community members concerned about Conservative event at SFU

“Not at all” represented: Unhoused residents respond to Hastings decampment report

Human rights calls for Canada Soccer to condemn the Israel Football Association

Once a tool of empire, cricket has been reclaimed for good

Family makes food special

Mayorship is a responsibility

Reconciliation is forged by authenticity

VIMFF: Extreme Ascents focuses in on perils of Everest

Home, belonging, and marginalization at Dr. Umezurike’s book launch

Monday Music: For the upcoming Sinhala and Tamil New Year

Cafés to study at this finals season

SFSS bars recording at Council meetings, deterring student reporting

Black women musicians and the stubborn R&B label

Fascism across borders: the Canadian companies collaborating with ICE

Reconnecting with my hormonal rhythms

The PNE funhouse is where the government keeps the fucked-up parallel versions of everyone during its off-season

QUIZ: Which Peak staff member are you?

Shark Bowl: The BC Conservative Party leadership race

Board game cafés kill connections

Wayne Gretzky’s false Canadiana

Former SFU women’s basketball coach inducted into Canadian Basketball Hall of Fame

How the Red Leafs fared to start 2025

Staying active when everything feels expensive