Update: Associated Students Server Security Breach

Although the risk of identity theft is low, phishing scams are possible. This means you should read incoming email carefully, and avoid clicking on links asking you to update your username and password. Emails that ask for your login information are scams.

Media Contact: Pat Lopes Harris, 408-656-6998

On June 26, SJSU learned a hacker breached an Associated Students of SJSU server. Please note the breach affected Associated Students only. SJSU employee data and MySJSU are completely separate and were not affected. Therefore, the breach will not impact fall 2012 registration and did not result in the release of thousands of student Social Security numbers or student ID passwords as suggested by the media.

However, we must warn you that hackers may have accessed names, home addresses, email addresses, telephone numbers and student ID numbers, but absolutely no corresponding passwords, for students from 2003 to present. Also, hackers may have accessed approximately 200 student driver’s license numbers. We will do our best to notify every impacted individual.

Although the risk of identity theft is low, phishing scams are possible. This means you should read incoming email carefully, and avoid clicking on links asking you to update your username and password. Emails that ask for your login information are scams.

The SJSU information security officer is working with Associated Students to implement improvements to the A.S. server. We apologize for the delay in contacting you. We have been reviewing every aspect of the A.S. server with the goal of providing you with accurate information.

Please report any suspicious activity to the University Police Department at 408-924-2222. UPD has opened an investigation, and will report this case to federal authorities.

We know you may have questions or concerns. Please feel free to contact the SJSU Public Affairs office at 408-924-1166 or publicaffairs@sjsu.edu.