Cal State Tightens Its Cybersecurity After Data Hacks At Multiple Campuses

Hackers stole personal data at two Cal State campuses last year. California State University, San Marcos said in November that only names, titles, and email addresses of students and employees were obtained, whileCal State Northridge said similar data was stolen when hackers attacked a firm hired by the university to store data. That firm ended up paying a ransom.

California State University officials said that to "protect against disclosing sensitive or vulnerable information" it would not disclose if other campuses were hit with similar cyberattacks.

CSU's board of trustees is set to discuss cybersecurity improvements at its meeting on Tuesday. They'll consider hiring a firm that can find cybersecurity gap and advise campuses on how to close them.

"We regularly review and update our data security efforts and work continuously to make student data safe," CSU Chief Information Officer Michael Berman said in an email. "We know that potential attackers continue to find new ways to compromise our systems, notwithstanding changes we make to our security posture.”

The university system says it expects more than 80% of its employees and 61% of students will sign on to two-factor authentication by the end of March 2021. The CSU system hopes all of its students and employees switch to this more secure sign-in method by the end of the year.

Cal Poly Pomona has set an April 8 deadline for students and employees to sign up for two-factor authentication.

READ MORE:

• UC San Francisco pays hackers more than $1 million ransom.
• FBI warns educational institutions about cyberattacks

Our news is free on LAist. To make sure you get our coverage: Sign up for our daily newsletters. To support our non-profit public service journalism: Donate Now.