Illinois Valley Community College has sent out more than 160,000 letters to current and former students, faculty and applicants warning them that their data may have been compromised in connection with a data breach back in April.
Cheryl Roelfsema, IVCC’s vice president for business services and finance, said that, as of now, the school is unaware of any incidents related to the data obtained from the breach.
“The bottom line is, when in doubt, that group was added to the list,” IVCC President Jerry Corcoran said. “We wanted to err on the side of having an abundance of caution to give everyone a heads up to be aware of the situation.”
According to the letter, IVCC does not know the exact data taken, only that some data was taken.
IVCC has hired Kroll, a risk prevention firm, to provide free identity monitoring that includes credit monitoring, fraud consultation and identity theft restoration. Anyone who received a letter will be able to obtain a free credit report and the ability to place a fraud alert or security freeze on their credit files.
Roelfsema said about 750 people have signed up so far to take advantage of these services.
Corcoran said the school now has more precautions and stronger security in place, with redundancies at a remote location.
“All the while, the bad people are still out there,” Corcoran said. “When you talk about safeguards openly, you’re laying your cards on the table. We’ve done everything we can to protect the investigation and keep our new measures close to our vest while also being transparent and upfront. That’s a challenge.”
Information on how to take advantage of the free identity monitoring is available in the letter.
“There’s nothing good that comes out of this but we’re seeing more cases of it,” Corcoran said. “There are two other community colleges that got hit, and even I’ve been the recipient of a similar letter from another college I made a donation to. Michigan State sent me a notice, and hospitals have sent me a notice. Everybody needs to be vigilant, but I can’t be more proud of the decision the board of trustees has made to take an abundance of caution.”
Additionally, La Salle County’s government offices had a ransomware attack in February.