Duke University Press alerted users on Tuesday that its website had suffered a “security incident.” In an email blast to people with site accounts, the publisher said that usernames and encrypted passwords had been exposed as a result of the breach but that no financial information had been compromised.
According to a spokeswoman, the press learned of the breach on May 29 and had been working with the university’s Office of Information Technology in the weeks since then to gauge the extent of the damage.
“We needed to ensure that no information had been used inappropriately and wanted to make sure everything was secure,” said Laura Sell, the press’s publicity and advertising manager. The publisher advised those using the same password for other sites to change it immediately.
An spokeswoman for the Association of American University Presses said she could not recall a similar incident at another university press.
Academe on the whole, however, has been plagued by data breaches and hacking attempts. In the past four months, Iowa State University, the University of Maryland, the North Dakota University System, and Indiana University have all suffered security breaches. Those four incidents alone exposed more than 750,000 student records.