A letter released last Friday by University Advancement warned of a possible security breach in the Tufts Telefund database, which contains identity and financial information for approximately 106,000 Tufts alumni and families.
"Recently, Tufts detected abnormal activity on a server managed by an external vendor which supports the University's Advancement Telefund operation," Advancement Vice President Brian Lee said in the April 7 letter. "We immediately took steps to strengthen security for electronic records containing credit card and/or social security numbers."
The letter was accompanied by Federal Trade Commission (FTC) guidelines to prevent identity theft and reinforce security on personal affairs and accounts.
"We are taking this precaution not because [we're sure] the data was compromised," Betsey Jay, Director of Communications at University Advancement, said.
According to Jay, often hackers will want network server space to offload entertainment files rather than solely to steal personal and financial information. Still, the potential for fraudulent use of personal information is a significant concern, and prompted the release of the April 7 letter.
"For security reasons, we do not want to go in to great detail about our measures for protecting information," Jay said. "Since Dec. 19, 2004, when we heightened security on this server, there has been no unusual activity."
In late Fall 2004, "abnormal activity" was detected on the server, according to Jay.
"What was detected was a high volume of network traffic which indicated distribution of large files," she said. "The intent may have been to use the computer as a distribution point for movies and other entertainment files."
According to Jay, hackers searching for sensitive, personal information probably would not have let their efforts cause such a noticeable change in activity.
As of now there has been no confirmed case of identity theft, but Jay said that it is very difficult to track where information goes. Volunteers have been working on the helpline to answer questions from people who could be affected by this possible breach in security.
All requests for comment were referred to Jay.
