Some OU students are upset that officials waited two weeks to tell them of a virus found on a computer containing student information.

Kelsey Krueger said Tuesday that she learned of the threat on June 24 when the OU bursar's office sent her and other students a message about the incident and what to do about it.

On June 10, the OU information technology department identified the virus, commonly known as Zeus of Zbod, and the data it might have compromised.

Krueger said she then spoke to "eight or nine" people at the bursar's, admissions and information technology offices to try and find out how widespread and dangerous the breach actually was.

"Fourteen days had gone by," Krueger said. "Who knows what could have happened? Computer viruses can happen to anybody; it's common, and that's not the university's fault.

"It's just that they waited so long to tell us about something this serious and then I wasted my time trying to get answers."

The OU Information Technology Department sent a mass e-mail on Monday reminding faculty and staff about the dangers of viruses and malware and offered tips on protecting themselves.

Krueger said there has been no sign of identity theft.

No theft known from incident

Catherine Bishop, OU vice president of communication, said in an e-mail Tuesday that university officials don't know of any computer-related theft stemming from the incident.

"While the university is not aware of any specific misuse or conversion of this information as a result of the unauthorized access," she said, "the OU Information Technology Department did discover unusual Internet activity associated with a laptop computer connected to the network and being used by an employee in the bursar's office."

Bishop said information technology employees conducted a forensic analysis of the computer, after which the bursar's office then notified people whose information was on the affected computer.

"Information was provided on how to obtain free initial fraud alerts," Bishop said, "and the university offered to pay the cost of an additional year after the initial alert expires, if the person so desires."

Krueger mentioned the fraud alert service and OU's offer to pay for a second year, but she has no desire to give out her Social Security number as required. Meanwhile, Krueger watches her bank account frequently to make sure nothing has been taken out.