University of Kansas officials have reported to the FBI a computer hack into electronic pharmacy records

Apr 6 2004

Marilu Goodyear, KU vice provost for information services, said surveillance software alerted KU officials to the intrusion, and technicians immediately disabled the affected computer server.

"We are cooperating fully with the FBI and KU Public Safety in the criminal investigation," said Goodyear.

"At this stage of the investigation, we know only that the computer server was accessed and the access was unauthorized. But we are proceeding on the assumption that information was copied."

How much, if any, of the information may have been copied, altered or otherwise tampered with is under investigation.

Until Jan. 26, 2004, the affected computer server was used to support pharmacy operations. Files on the server contained records on prescriptions filled at the on-campus pharmacy from July 1994 to January 2004 for KU students, faculty and staff. Information in the affected server's files varied by patient and contained such information as KU ID or Social Security number, name, address and birth date.

"Although we don't know the extent of the intrusion, we are taking the precaution of sending letters and e-mails about the facts of the incident to people with pharmacy records on the affected server and alerting them to ways of protecting against possible identity theft," said Goodyear.

Changes in addresses may make it difficult for the university to reach some former students and staff. Individuals who believe they filled prescriptions at Watkins Memorial Health Center between July 1994 and January 2004 may contact the university by calling a toll-free assistance number, (877) 529-4295, or, locally, (785) 864-9147, or by e-mailing [email protected]. The phone number will be staffed from 8:30 a.m. to 4:30 p.m. Monday through Friday.

KU is advising those affected by this incident to follow proactive steps for protecting against identity theft as described at www.ku.edu/identity.

"We deeply regret any difficulties this may cause any member of the KU family," said Marlesa Roney, vice provost for student success.

"Computer hacking is a crime. We will work with authorities and do everything in our power to protect and provide assistance to our students, faculty and staff."