Quick Facts

• Date: 10/14/2009
• Institution: California State University, Los Angeles
• Type of Incident: Unauthorized Disclosure
• Number Affected: 85
• Source: DataBreaches.net
• Abstract Source: KTLA

Abstract
California State University, Los Angeles is working to notify students and faculty after personal information was mistakenly placed online. The information, placed on the Web by a CSULA faculty member, contained the names and Social Security numbers of 82 students and 3 faculty members. The exposure involves individuals enrolled in CIS 454 or 528 in Spring 2002 and CIS 283 and 585 in Spring 2003. The information was the faculty member's web site back in July. Once CSULA became aware of the problem, the files were immediately removed. CSULA is working to notify all affected individuals as well as working to make sure such a mistake does not happen in the future. CSULA College of Business and Economics has setup a toll-free hotline - 800-883-4029 - to help answer questions about the incident.

Quick Facts

• Date: 10/12/2009
• Institution: University of Wisconsin, Madison
• Type of Incident: Penetration
• Number Affected: 3,000
• Source: ESI
• Abstract Source: Fox 6 Now
  

Abstract
The University of Wisconsin, Madison recently notified faculty, staff and students after a breach may have exposed personal information. The breach, which involved multiple computers over several months, may have exposed up to 3,000 names and Social Security Numbers. In total, University officials believe that 40 computers were breached and used to distribute illegal copies of music, movies television shows and software. Wisconsin-Madison staff became aware of the breach on August 31 and investigation shows most of the illegal access occurred over the past 18 months. However, the earliest breach occurred in December 2001. In a October 12 letter to affected individuals, University officials say there is no evidence that personal information was accessed.

Quick Facts

• Date: 10/12/2009
• Institution: Roane State Community College
• Type of Incident: Theft
• Number Affected: 10,941
• Source: DataBreaches.net
• Abstract Source: Roane State News Release

Abstract
Roane State Community College is working to notify current and former students and employees after the theft of a device containing personal information. The device, stolen from the care of a Roane State employee, contained the names and Social Security Numbers of 1,194 current and former employees and 9.747 current and former students. Roane State staff also determined that the device contained only the Social Security Numbers for an additional 5,036 current and former students. The employee's car was broken into while off campus and the theft is being investigated by the Konx County Sheriff's Department. Roane State has sent letters to all affected individuals are is offering one year of credit monitoring. The device did not contain educational records.

Quick Facts

• Date: 10/9/2009
• Institution: University of Colorado, Denver
• Type of Incident: Impersonation
• Number Affected: N/A
• Source: ESI
• Abstract Source: ABC 7 Denver

Abstract
An email hoax claiming the Denver Columbus Day parade was canceled was traced to a University of Colorado, Denver computer. The email, which claimed to be from president of the Sons of Italy Columbus Day Parade Committee Richard SaBell, was traced to a public kiosk computer at the university that is open for public use. Denver police have seized the computer and are conducting an investigation into the hoax. The person responsible could face charges of fraud and identity theft. In addition, the university is very concerned over this incident and considers the hoax unauthorized use of a campus computer.

Quick Facts

• Date: 10/6/2009
• Institution: Tufts University
• Type of Incident: Penetration
• Number Affected: None
• Source: ESI
• Abstract Source: Tufts Daily

Abstract
An external attack caused Tufts University to shut down their WebCenter service. The attack involved 100 Tufts University computers that were compromised and used to send out spam email messages. According to the University, Tufts staff worked to block attackers coming from three different countries. The attack was discovered on Sunday and continued through Monday as IT staff noticed spikes in traffic from the affected machines. The attack involved computers in the University's Schools of Arts and Sciences and Engineering, the Tisch Library, Undergraduate Education, Student Affairs and Student Services (USS). The attack such a disruption that USS staff were sent home early if they felt they were not able to work productively. University staff worked to reinstall operating systems, increase password complexity and tweaked network controls. The WebCenter service was brought back online yesterday around 9pm.