![penn in touch penn in touch](https://snworksceo.imgix.net/dpn-utb/e1d4a565-9e76-4dfc-ae7f-f83e586b8810.sized-1000x1000.png)
The University said there is no evidence to suggest that research data or personally identifiable information (such as Social Security or credit card numbers) have been stolen, however, investigators do have direct evidence that a number of College of Engineering-issued usernames and passwords have been compromised, and a small number have been used by the attackers to access the network.Īll College of Engineering faculty and staff at University Park will be required to choose new passwords for their Penn State access accounts. The outage is expected to last for several days. “This is an incredibly serious situation, and we are devoting all necessary resources to help the college recover as quickly as possible minimize the disruption and inconvenience to engineering faculty, staff and students and to harden Penn State’s networks against this constantly evolving threat.” “This was an advanced attack against our College of Engineering by very sophisticated threat actors,” said Penn State President Eric Barron in a letter to the Penn State community. The University did not expain how the attack was attributed to China. The investigation also revealed that the earliest known date of intrusion is September 2012. “Any abnormal action by individual users could have induced additional unwelcome activity, potentially making the situation even worse.”Īccording to Penn State, Mandant’s investigation discovered the presence of two previously undetected attackers within the college’s network. Jones, executive vice president and provost at Penn State. “In order to protect the college’s network infrastructure as well as critical research data from a malicious attack, it was important that the attackers remained unaware of our efforts to investigate and prepare for a full-scale remediation,” said Nicholas P. Penn State hired FireEye-owned Mandiant to investigate the incident, which has confirmed that at least one of two attacks was carried out by a threat actor based in China, using advanced malware to attack systems in the college. 21, 2014 of a cyberattack of “unknown origin and scope on the College of Engineering network by an outside entity.” Penn State University said Friday that it disconnected the network of its college of engineering from the Internet in response to two cyberattacks, with at least one believed to be conducted by threat actors based in China.Īccording to an announcement by the University on Friday, the institution was alerted by the FBI on Nov.