A computer virus might have stolen personal information from some 42,000 people associated with Eastern Maine Community College of Bangor.
The school issued a warning Friday that although they haven’t pinpointed any direct loss of data, some usernames and passwords associated with the college domain and email accounts, and some personal data — name, address, Social Security Number, date of birth — may have been accessed.
Victims could include students at the school between summer 1998 and summer 2018 or workers there between 2008 and 2018, according to a statement issued Friday.
“We very much regret the inconvenience or concern this incident may cause,” EMCC President Lisa Larson said Friday. “EMCC takes seriously the protection of personal information, and our efforts to improve and strengthen our electronic security are ongoing.
“Unfortunately, institutions of all kinds around the world are increasingly subject to sophisticated and aggressive hacking tactics such as the one involved in this incident.”
The malware involved is known as EMOTET and, according to the U.S. Department of Homeland Security, is among the worst malware on the internet.
Initial infection occurs when a user opens or clicks on a malicious link or document. Once downloaded, its worm-like features rapidly spread network-wide infections, which are difficult to combat.
EMCC officials reported the incident to police and will send notification letters by the U.S. Postal Service over the coming week.
The college is making available free credit monitoring and identity restoration services to these individuals, according to the statement.
Follow the Bangor Daily News on Facebook for the latest Maine news.