I suspect the IT Labor Day picnic has been disrupted

September 6 Update: The latest sent around by Walter Kraft on this:

As we reported yesterday, an investigation is underway into a breach of security in an EMU server that controls my.emich passwords and Banner Self-Service PIN codes for students and employees.  The area that was compromised did not contain social security numbers or birth dates, or personal banking information.  It does contain login information, though, that could allow access to employees self-service information, including direct deposit information.  We consider this unlikely given the complexity of the area breached and the manual process required to access this data, however we are issuing this advisory as a precaution given the possibility.  Employees with direct deposit are advised to monitor their accounts for unusual activity.  If unusual activity is discovered, please contact your bank immediately, as well as IT staff.

As of this morning, there are no reports of unexpected user issues.  IT is continuing to investigate the situation.  EMU DPS also has been notified and has opened an investigation in the event that criminal activity is uncovered.  The IT Help Desk staff and IT system administrators will continue to monitor system access logs and report any unusual activity to the IT security team.  If you have any questions or suspect unusual activity, please contact the Help Desk at helpdesk@emich.edu or at 734-487-2120.  IT has brought in several additional staff today in order to respond to phone calls and questions.  Phone calls will be taken from 10 a.m. – 4 p.m. today, with staff continuing to monitor email inquiries through the evening.  The IT staff will continue to work through the holiday weekend on this issue, and will provide further updates as necessary.

I’ve noticed nothing odd yet….

First, I (along with everyone else at EMU, I presume) received this email from VP for communications Walter Kraft:

An investigation is underway into a breach of security in an EMU server that controls my.emich passwords and Banner Self-Service PIN codes for students and employees.  The breach occurred Friday at about 11:30 p.m.  System irregularities were initially discovered yesterday by IT staff.  Further investigation today revealed a security breach.  The area that was compromised did not contain social security numbers or birth dates.  It is possible that banking information for employees with direct deposit could be accessed in the area involved.  We consider this unlikely given the complexity of the area breached, however we are issuing this advisory given the possibility.  We understand and appreciate that this is a serious matter.  IT is continuing to investigate the situation and has enlisted an external data breach consultant to assist with the diagnosis and remediation of the security issue.  EMU DPS also has been notified and is opening an investigation in the event that criminal activity is uncovered.  The IT Help Desk staff and IT system administrators will continue to monitor system access logs and report any unusual activity to the IT security team.  At this point, there are no reports of unexpected user issues.  If you have any questions or suspect unusual activity, please contact the Help Desk at helpdesk@emich.edu.  The IT staff will continue to work through the holiday weekend on this issue.

Shortly after I received that message (6:06 PM on September 5), EMU’s Emu Eaglemail went dead.  Hmmmm…..