Attempted data breach tests strength of Valley’s cyber security

By Chardonnae Parker / Delta Staff Writer

Are you a creature of habit?  Do you use the same password and username for multiple account?  Do you do timely check to make sure your information is still good and has not been breached?  If the answer to any of these questions is yes, Missouri Valley College recommends that something needs to change.

In August 2019 the students, faculty, and staff were notified that there was a breach in security not just any type but to our cyber security.  Specifics of the attacks were shared in an email stating: “What Happened? According to Small Business Trends, in May 2019, the graphic design tool website Canva suffered a data breach that impacted 139 million subscribers. The exposed data included email addresses, usernames, names, cities of residence and passwords stored as crypt hashes for users not using social logins.”

“Your Missouri Valley email account was found in the list of exposed data,” wrote MVC System Administrator Jason Rinne. “What should I do?  Change your passwords immediately. Don’t use the same password for multiple sites. Use complex passwords and use a password manager like KeePass.  Why are you only hearing about this now? While the breach occurred in May 2019, sometimes there can be a lengthy lead time of months or even years before the data is disclosed publicly.” 

The email, which had the subject “data breach” was sent out to notify everyone.  Since the data breach, Missouri Valley’s information technology staff has worked tirelessly to complete a little damage control and prevent attacks like this from happening again.  Rinne reassured students, faculty and staff that the safety of Missouri Valley’s data is in good hands. The breach that occurred happened through a third-party system called Canva.  

“That data breach was not through Missouri Valley College system” said Rinne. “Their system was under a breach.  During that time, Missouri Valley’s security and data was not in any way shape or form compromised. The reason for the email and notification was to simple alert any student, faculty, or staff member who used the Canva.”  

After the notification, some of Missouri Valley’s staff members felt as though they do have to worry about their personal data and information being compromised. Women’s Basketball Graduate Assistant Veronika Petkova said in the transition from student to staff, she noticed she gets more emails concerning possible data breaches or information hacks. 

“Just last year we had an issue with coaches and athletic staff member emails being hacked, so it is most definitely a concern,” she said.

Petkova concluded by saying that the IT department is doing an amazing job to say ahead of these types of issues.  They constantly hold and host webinars to inform and teach everyone about their safety and how to use technology in a safe manner.  

The school keeps its students, staff and faculty on when they host events that could further educate the community on their technology and security.  This month a series of sessions “to discuss how you play a vital role in protecting yourself, and most importantly your students and your fellow colleagues” were announced. 

“We will discuss a varying array of items, including two serious attack attempts that we encountered last week here on-campus, ways of protecting your information, what to do when you think you are being targeted” said Omar Al Refae in a mass email.  “We will also be discussing our planned cyber-security internal review that was scheduled for last June but is now taking place in December.This is an extremely important issue, so your attendance to one of these sessions would be tremendously appreciated.” 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s