i Skip to main content

ADA, Okla. - On February 16, 2024, East Central University experienced a directed attack from a cybercriminal group.  While the criminals were not successful in taking down ECU’s critical services, they were able to conduct a successful attack on a variety of campus computers. The criminal group attempted to attack ECU systems, steal data, encrypt ECU computers, and otherwise extort the campus.

Upon learning of the attack, ECU I.T. brought in a 3rd-party cyber security response team to assist in stopping and recovering from the attack. The two teams immediately began working through incident response protocols to determine the scope of the attack, deploy countermeasures, gather forensic data, and gain visibility into the campus network/systems.  Additionally, ECU began resetting passwords, evaluating critical services, and implementing an incident response strategy.

ECU developed several internal communications strategies to determine the information impacted as well as address individual concerns. These methods included several direct emails plus open mandatory forums for employees and optional public forums for students to obtain additional details.  Additionally, a web page was created with more information and a list of FAQs, as well as a designated email and phone number for questions and concerns.

The scope and scale of the data involved on the servers attacked are still being investigated, but currently there has been no evidence that any information was taken.  However, this week, we determined that a number of individual names and Social Security numbers may have been accessible to the criminal group – while we have no confirmation that they were in fact accessed, much less taken, we are providing this notice while we continue to investigate.

ECU students, employees and the public can visit the ECU website for updates regarding the attack at https://www.ecok.edu/data-incident/, along with a phone number and email address to contact with questions.

Anyone concerned that their information may be affected should visit, www.identitytheft.gov

Share this post