access Kellogg computer system
'trial by fire' for new CIO
March 20, while many students and faculty were attending GIM
trips abroad or enjoying Spring Break, a security breach was
detected in the computer server system at the Kellogg School
from Northwestern University's Information Technology Office,
Kellogg Information Systems and Kellogg senior administration
acted quickly to contain any risk to Kellogg faculty, staff,
students and alumni's personal data. The broader Northwestern
community was not affected.
the recovery action was David Keown, who had joined the Kellogg
School just two months earlier as chief information officer
and assistant dean for information technology. In his role
at the Kellogg School, Dean Keown oversees Kellogg Information
Services (KIS) and manages IT issues throughout the school.
server problem was discovered, KIS staff reacted swiftly to
take the affected systems offline and rebuild them, shutting
down the hacker's point of entry. They also launched an immediate
investigation to assess what data may have been compromised.
On Wednesday, March 23, KIS determined that Kellogg user IDs
and passwords, which provide access to various information
sources on the Northwestern system, potentially could have
been obtained by the hackers.
who came to Kellogg after 20 years at the Columbia University
Business School, where he rose through the ranks of administrative
computing to lead the school's IT group for the last eight
years, pulled his staff into a conference and called on key
administrators to join them. This crisis management team went
into action, assessing the risks to the various members of
the Kellogg School community. Within minutes, the decision
was made to first disable all passwords and user IDs for the
Kellogg School's roughly 500 faculty and staff members and
3,000 students — the groups whose personal information was
most at risk.
KIS staff continued their investigation, urgent messages were
created and sent by email, and measures were implemented to
begin setting new passwords for the entire Kellogg community.
indicated that alumni data were the least vulnerable to this
particular attack because alums' critical personal information
was not stored in a location accessed by the hackers. Jim
Corboy, Kellogg Alumni Relations director, said, "With an
alum's individual Kellogg password, an unauthorized user could
only get the same kind of information that has been available
for years in the print version of the Alumni Directory or
by a simple Internet search: mailing addresses and phone numbers,
but not Social Security numbers and birth dates." Even then,
he added, the user could view just one person's limited information
at a time.
your password now
a precautionary security measure, the Kellogg
School strongly encourages alumni to change their
password immediately and confirm the accuracy
of their displayed record. It takes just a few
on to the Kellogg Alumni Network.
who have questions regarding the breach should
contact Kellogg Alumni Relations at 847.467.ALUM
or by email.
Staff members are available from 8 a.m. to 5 p.m.
CST Monday through Friday.
the breach was a major concern for Alumni Relations and the
crisis team, which recommended immediate messaging to the
approximately 18,000 alumni who have passwords on the system
to log on and change their passwords. An analysis indicated
whose data had been updated since the breach; although most
of that activity was probably related to the upcoming Alumni
Reunion and not a result of the break-in, those alumni received
specific instructions to check the accuracy of their displayed
record. As of Kellogg World press time, the Kellogg
School has observed no pattern of attempted fraud, and the
university has no evidence that personal identification was
said: "Invasion of privacy and the potential for theft and
destruction are very real threats globally. IT organizations
are working very hard to improve their functionality while
guarding against security threats on every level. Following
this unfortunate event, the Kellogg School has contracted
outside agencies to check the security of our systems and
analyze the forensic data to learn what we can about the break-in."
The ongoing investigation has identified patterns of the hacker's
behavior that suggest the servers were not targeted to obtain
Associate Dean Robert
Korajczyk also was part of the crisis team. He said: "The
Kellogg School regrets the inconvenience caused to our valued
constituents. Dean Keown and the crisis management team embody
the teamwork philosophy that distinguishes Kellogg among business
management schools. The dedication of the KIS staff, many
of whom worked around the clock for days on end, demonstrates
the extraordinary measures the Kellogg School takes to protect
the interests of the Kellogg community."