Students informed of SFU community data security breach

By: Gurpreet Kambo, News Editor

A security breach caused SFU’s Chief Information Officer Mark Roman to send out an email to SFU students on the morning of March 2, 2020. According to the email, all SFU community members who joined SFU before June 20, 2019 are affected by the breach.

“We deeply regret this incident, are working diligently to contain the situation and are committed to helping mitigate the potential risks and harm to our faculty, staff, students, alumni, and retirees,” stated Roman, in the email.

The breach was a ransomware attack that occurred on February 27 and was amended by SFU on February 28. The exposed system is once again secure.

According to the email, the data that was potentially exposed includes:

SFU Computing ID
SFU student/employee ID number
First, last and preferred names
Birthdate
Employee group
Mail lists which the SFU Computing ID belongs to
Course enrollment
External email address
Data from web forms (list of forms available on IT Services web site)
Encrypted passwords were also exposed.

It goes on to state that the risks related to the breach may include identity theft, unsolicited emails, and risk of additional personal information being exposed as a result of the first breech.

SFU is still in the process of assessing the risk and responding accordingly. The email lists the steps that SFU is taking as a result of the breach. These include notifying those who were exposed, assisting individuals upon request, further investigating the breach, reviewing security and operating procedures, and reporting the breach to BC’s Office of the Information and Privacy Commissioner.

The email urges SFU community members to immediately change the passwords to their SFU Computing IDs, and to monitor their personal accounts on an ongoing basis.

In an emailed statement to The Peak, SFSS VP University Relations Shina Kaur stated that: “I sent an email to Mark Roman requesting the SFSS be briefed on this matter. Particularly what the implications are and what SFU is doing to prevent this from happening in the future.”

Kaur continued: “Regarding the incident, it’s extremely unfortunate that this happened but I am glad it seems to be resolved. I would recommend everyone to change their SFU password just to be safe.”

She added that Roman’s office is presenting to the SFSS Board of Directors this coming Wednesday, after which she will have additional information to share with students.

The Peak has reached out to Roman regarding the breach, and will update this post accordingly.

GSS and SFSS express concern over heating conditions in student residences

Indigenous Student Centre observes Red Dress Day

Migrants suffer cuts to health-care amid changes to immigration law

SFU Canadian Cancer Society hosts 12th annual Relay for Life

Students can be “middle powers” through collective action

Brighter Side: Making the most of your last summer class

The VPL staff do much more than shelving books

Once a tool of empire, cricket has been reclaimed for good

A teaser of Waterfront’s best kept summer secret

Angst and the avant-garde: A review of Tanya Tagaq’s Saputjiji

Reconciling: A Lifelong Struggle to Belong book talk

Jenny Yu on immigration, labour, and the Canadian Dream

Health policy expert Dr. Leah Shipton explains duplicative health-care

SFSS bars recording at Council meetings, deterring student reporting

Black women musicians and the stubborn R&B label

Fascism across borders: the Canadian companies collaborating with ICE

What kind of raccoon shitter are you?

The PNE funhouse is where the government keeps the fucked-up parallel versions of everyone during its off-season

QUIZ: Which Peak staff member are you?

Shark Bowl: The BC Conservative Party leadership race

Wayne Gretzky’s false Canadiana

Former SFU women’s basketball coach inducted into Canadian Basketball Hall of Fame

How the Red Leafs fared to start 2025

Staying active when everything feels expensive