The U.S. Attorney's Office has filed a federal charge against a former University of Nebraska-Lincoln senior in connection to a security breach this spring.
Daniel Stratman, who is listed as a computer science and mathematics major on UNL's website, made his first court appearance last week on a charge of reckless damage to a protected computer during unauthorized access.
In the case information, Assistant U.S. Attorney Steven Russell said Stratman, 22, intentionally accessed a protected computer without authorization between April 24 and May 24. The computer is owned by the University of Nebraska and Nebraska State College Systems.
UNL spokeswoman Kelly Bartling said Stratman, who listed an Omaha address, was a senior in May but has not registered for classes this semester. She declined to comment about whether the university had taken punitive action against him saying such records are private.
According to the university, the Nebraska Student Information System -- a database containing the records of more than 650,000 students, alumni, parents, employees and applicants from NU campuses in Omaha, Lincoln and Kearney -- was breached May 23.
Although it initially appeared to affect only the NU system, the investigation later showed the database included information from Chadron State, Peru State and Wayne State colleges.
The State College System and NU began using a shared student information system known as NeSIS in 2009. It stores information such as Social Security numbers, birth dates, addresses, grades and financial aid.
University and state college officials have said it doesn't appear any information was transferred from the system.
"There hasn’t been any evidence to lead to the conclusion that private information was used or jeopardized," Bartling said. "The university has done everything within its power to make sure people whose information was contained within those servers have answers to their questions and the ability to report, if they feel their identity has been jeopardized."
In June, Joshua Mauk, information security officer for NU, said the incident had prompted the university to re-evaluate its online security plans.
NU computing services personnel identified Stratman as a suspect by the IP address used to access the system, officials said.
Russell filed a complaint late last week against Stratman, who waived the need for an indictment. On Monday, Russell declined to discuss details of the case.
Stratman has been released pending an arraignment, set for Jan. 8.
If convicted, he could get as many as 10 years in prison, three years supervised release and a $250,000 fine.
The charge against Stratman alleges his conduct caused a loss of at least $5,000. Russell said that loss refers to the cost of investigating and dealing with the aftermath of the security breach.
Stratman's attorney, Bob Creager, declined to comment on the case.