This week, the California State University, Stanislaus Police Department discovered that a dining vendor's server on campus appears to be the source of a data breach in which personal credit and bank card information was exposed.
Personal information on the server includes credit card numbers, cardholder names, and expiration dates. The number of people whose information may have been compromised is still being investigated as are other elements of the case. In the meantime, all credit card and bank card transactions have been suspended in the Main Dining Hall, Mom's coffee shop, and Pop's convenience store on campus. Such transactional opportunities will be restored once sufficient security measures are in place to protect personal information and restore the integrity of all transactions.
Information about a potential data breach first came to the University's attention in late November when the University Police Department was contacted about the fraudulent use of a credit card that had been used at CSU Stanislaus. University Police initiated an investigation in partnership with the County Hi-Tech Crime Task Force, the District Attorney's Office, and the Stanislaus County Sheriff's Department. The detailed investigation eventually led to vendor computer systems in the foodservice areas as the source of the personal information that appears to have been exposed.
Anyone who used a credit or bank card at one of the campus dining facilities over the past 180 days is advised to review purchases listed on his/her credit card and bank statements to determine if any are fraudulent. In addition, they can visit the California Office of Privacy Protection's Web site at http://www.privacy.ca.gov to learn additional steps for protecting their information.
Individuals with questions or concerns, or anyone wishing to file a police report about fraudulent charges on their accounts, can contact University Police at 209-667-3114. As further information becomes available, all necessary notification and follow-up procedures will take place and any students, faculty, or staff whose account information may have been exposed will be notified personally.
The following personnel are available to answer questions from the media:
Steve Jaureguy, CSU Stanislaus Police Chief at 209-667-3114
Kristin Olsen, CSU Stanislaus Senior Director of Public & Legislative Affairs at 209-620-2295
January 11, 2008