UPDATE May 19 7:30 PM Eastern
University Librarian and Oregon St. University Press Director Fay Chadwell Shared the Following Update with infoDOCKET.
Yes, the OSU Libraries website was compromised this past weekend. We learned of the situation on Saturday. As a result of the compromise, we took the website down and it was out of commission roughly between 5:30 and 10:30pm. At that time we restored basic service. In the next several hours we had to deal with an unavailable proxy server.
We are working closely with the campus IT group on campus to determine the origin of the compromise and gain understanding about any vulnerabilities while we continue to clean up remaining issues. To the best of our knowledge, we are not aware that any data was compromised. We don’t have reason to believe that there was a data compromise. That’s part of the work we are doing with our campus IT group. It appears that the group responsible replaced our website with their own to communicate their message.
Our protocol, according to our disaster recovery/emergency prep plan is to respond to tech issues within an hour. We accomplished that and our library IT folks quickly began working to bring the site back up. As for having a protocol for handling what needed to be handled, it’s hard to conceive what you might be facing until you are facing it. We do back up our servers regularly.
University Librarian and Oregon St. University Press Director Fay Chadwell confirmed
that the hack took place.
The article reports that “normal library functions” were not accessible for a period of time. The website is back online and now functioning normally.
No additional details (ie. was any data compromised?) has been shared at this time.
We’ve reached out to OSU Libraries for additional info. If/when we hear back we will update.
Update 1: A Google search turned up this cached page with a Oregon St. U. Library url showing a hack of the site by a group of hackers known as AnonGhost. We have not confirmed if this is the hack that took place the other day.