UPDATE [June 10, 4:40 p.m.]: An internal investigation into the Tiger Books hack revealed that roughly 800 students’ email addresses, passwords and names (first and last) were leaked, according to the Dalhousie Student Union.
This announcement came out less than a week after VP (internal) Ramz Aziz mentioned the data breach at a council meeting, only mentioning that names had been accessed. The website encrypts passwords automatically but the DSU will be contacting students affected to alert them of the incident and recommend any further actions which may be taken.
The breach in security was noticed May 22, prompting the DSU to look closer at their websites’ security measures.
The DSU’s official statement can be found here: http://www.dsu.ca/about-us/news/dsu-revisits-its-access-to-electronic-accounts-practices-and-website-hosting-service.
It was announced at the June council meeting that the Tiger Books website has been breached. Ramz Aziz, VP (internal) says that student’s names had been taken. The website also asks students for their email address, but only the names were mentioned as being stolen.
In his report to council, Aziz says the student union is “trying to seek out options for internal hosting after data breach.”
Aziz said that the breach of security was unexpected and that the DSU is looking into housing the book exchange website on a safer server, perhaps to be hosted by Dalhousie. Other DSU online services, such as the idea sharing service Soapbox and the bookstore, are hosted externally and are not in danger of being breached.
It is unknown if the students involved have been contacted.
Tiger Books, the student union’s online book exchange service, started up eight months ago. It was one of several changes made by the DSU in response to student requests on Soapbox.