Month of January, 2008
U of M Doctor Loses Fertility Clinic Patient Data
Quick Facts
- Date: 1/31/2008
- Institution: University of Minnesota
- Type of Incident: Loss
- Number Affected: 3,100
- Source: ESI
- Abstract Source: WCCO
Abstract
University of Minnesota's Reproductive Medicine Center is alerting patients after it became aware of the loss of a USB drive containing patient information. The drive belonged to Dr. Theodore Nagel which he used to store unencrypted and unprotected backups of his computer, which is against U of M regulations. The drive contained the names and infertility treatments of 3,1000 of Nagel's patients dating back to 1999. Nagel reported the loss to the center and has personally written letters of apology to the affected patients.
Oregon State Excel File Exposes Senstitive Information Online
Quick Facts
- Date: 1/31/2008
- Institution: University of Oregon
- Type of Incident: Unauthorized Disclosure
- Number Affected: 33
- Source: SSNBreach.org
- Abstract Source: SSBreach.org Press Release
Abstract
The Liberty Coalition recently informed the University Oregon that an excel file publicly available through the university's web site contained sensitive and personal information on student and staff. The file contained the names, Social Security numbers (19 in total), phone numbers, GPAs, academic majors, and other information on 33 individuals involved in the 2006 NASA Robotics Academy in Maryland. This file was indexed cached by a number of major search engines.
U Mass Dartmouth Student Information Posted Online
Quick Facts
- Date: 1/30/2008
- Institution: University of Massachusetts, Dartmouth
- Type of Incident: Unauthorized Disclosure
- Number Affected: 32
- Source: SSNBreach.org
- Abstract Source: SSNBreach.org Press Release
Abstract
The Liberty Coalition recently alerted the University of Massachusetts, Dartmouth that a file on the university's Computer and Information Science Department's web site contained sensitive student information. The file contained the names, grades, GPAs and socail security numbers of 32 students. The SSNs in the file were partially obscured with the first digit replaced by a zero.
38,000 SSNs At Risk After Georgetown Theft
Quick Facts
- Date: 1/29/2008
- Institution: Georgetown University
- Type of Incident: Theft
- Number Affected: 38,000
- Source: ESI
- Abstract Source: The Hoya
Abstract
Georgetown University is notifying students, alumni, faculty and staff over the January 3rd theft of a USB Hard Drive from the university's Leavey Center. The Hard Drive, used to backup a computer used for billing purposes, contained the names, Social Security numbers, activities fees and student insurance billing information on 38,000 members of Georgetown's university community, including 25,000 alumni. The files on the drive include all students enrolled in the university between 1998 and 2006. The university plans to hold campus-wide information sessions and setup a hotline to help answer student questions about the incident.
University of Wisconsin Professor Posts Grades and Names Online
Quick Facts
- Date: 1/28/2008
- Institution: University of Wisconsin
- Type of Incident: Unauthorized Disclosure
- Number Affected: 196
- Source: SSNBreach.org
- Abstract Source: SSNBreach.org Press Release
Abstract
SSNBreach.org notified the University of Wisconsin after it found an Excel file containing student grade information on a UW-Madison web site. The file, belonging to Professor Yu Hen Hu, contained the names, scores and grades of 196 students taking the professors ECE courses between 1994 and 2006. There is no risk of identity theft to the students over this exposure, but grade and other educational information is protected information under current laws.
