Over 1,000 former students and employees of UNM recently had their identity stolen from a University database, and after a month of silence, UNM has established a call center to assist victims of the incident.
According to a University release, a decades-old UNM database containing names, birth dates, social security numbers, address, emails and other personal information for 1,360 applicants and students was hacked into.
The intrusion came from a now-defunct program within the College of Education – before formerly known as Educational Leadership and Organizational Learning – that no longer exists.
Before 2006, when UNM transitioned to the “Banner” system, social security numbers served as identification for students, and those numbers remained in this database according to the release.
Director of Media Relations Dianne Anderson, the response center is part of a communication plan instituted by UNM staff to provide detailed information to affected individuals.
The University is now sending letters to persons whose names were listed on the database, connecting them credit monitoring services and other resources.
Carol Silverman, the multimedia assistant for Extended Learning at UNM and a victim of the hack, said for a month UNM did not contact her to provide assistance or acknowledge what had happened, and she didn’t know where to go to get help.
Silverman said she knew something was wrong when she started receiving unusually massive amounts of spam mail from businesses such as Target and Lowe’s, thanking her for opening an account with the company and making purchases through the account – things she never did.
Silverman also said two colleagues in her department, who were also victims of the incident, tried to contact UNMPD, who said they didnt’ know anything about the crime.
It wasn’t until about three weeks after the incident that Silverman started to get answers from an unlikely source. By a stroke of luck, her husband stumbled upon the story one evening on a local news broadcast, which explained that over 1,200 former students and faculty had their personal information stolen, and that the suspect of the crime, Robert Murray, had been caught and was awaiting trial.
After realizing that her experience was a shared one with countless others, Silverman tried to raise awareness around Albuquerque about the UNM database being hacked by writing to other local news organizations, to no avail.
UNM officials said the University is now working with both Rio Rancho Police department and Las Cruces Police Department to determine the extent of the alleged identity theft incident.
According to LCDP officials, “The man suspected of using false identifications during a week-long crime spree in Las Cruces – in which he fraudulently purchased three vehicles and merchandise totaling nearly $90,000 – Ronald M. Murray Jr., 29, is charged with 10 counts of identity theft, 23 counts of forgery, three counts of fraud and one count of fraudulent use of a credit card.”
Following Murray’s arrest by LCPD earlier this month, arrest, police recovered a flash drive containing UNM information. The suspect is also accused of creating and using fabricated driver’s license and bogus financial information to commit multiple crimes.
Murray is currently being held at the Sandoval County Detention Center on a $100,000 cash-only bond. The investigation is ongoing and additional charges, including federal charges, are a possibility.
Anderson said individuals who believe their personal identifiable information may have been disclosed, and have questions or concerns, may contact the response center at (877)218-2930, using the reference number 5310082516. The call center is available to answer questions Monday through Friday from 7 a.m. through 5 p.m.