WKU strengthens data security amid hacks

Jodi Camp

In February of 2015, the identities of several WKU employees were stolen when hackers stole data from Anthem, Inc., the provider of faculty health care policies at WKU. Since then, WKU has strengthened Internet security in several key areas.

Coordinator of journalism  and professor Mac McKerral was among the first batch of WKU faculty whose identity was stolen.

McKerral was teaching in England at Harlaxton College during the spring 2015 semester when he was contacted by the Internal Revenue Service after someone tried to file a false tax return. McKerral then contacted his bank, closed his credit cards and changed all his passwords.

“I’ve invested a lot of time into this,” McKerral said.

McKerral has an accountant that deals with the IRS directly. He has spent the past year working to get his identity back. He has not received the tax refund owed to him for the past two years because of the hack.

“I think that having your identity hijacked is a little like diseases,” McKerral said. “If you live long enough, it’s going to happen.”

In response to the hacks of several companies, including Anthem, WKU has put employee information, including employee salaries, behind a password-protected firewall.

Patti Minter, associate professor of history and chairwoman of the Faculty Welfare and Professional Responsibilities Committee of the University Senate, authored a resolution to remove the password-protected firewall. The resolution passed unanimously in the fall of 2015.

Chief Information Technology Officer Gordon Johnson said WKU’s security infrastructure is implemented in layers to help prevent hackers from gaining information they shouldn’t have. When necessary, WKU works with federal organizations like the IRS Criminal Investigations Unit, the FBI and the Department of Defense to help with identity theft incidents or other IT security-related issues.

“My role is to make sure WKU has a comprehensive IT security program in place to help prevent identity theft in our environment and to assist our user community with any pertinent information regarding identity theft or help engage law-enforcement agencies where appropriate,” Johnson said.

Johnson’s advice to students and faculty to avoid being hacked is to be very cautious of emails from unknown senders, strengthen your browser settings to avoid using pop-ups and unnecessary cookies, not allow your browser to store usernames and passwords, avoid using public and unauthenticated WiFi networks and be suspicious of all websites and applications you use online.