Quick Facts

• Date: 3/31/2011
• Institution: Wenatchee Valley College
• Type of Incident: Unauthorized Disclosure
• Number Affected: 3,800
• Source: ESI
• Abstract Source: The Wenatchee World

Abstract
Wenatchee Valley College recently contacted former students after an error processing a public records request released personal student information. In response to a request from a local law firm for 10 years of financial records, WVC forwarded 84,000 pages of information that contained the names and Social Security numbers of 3,800 students that attended the college in 2002. The error was discovered by Brent Magarrell on March 24th. Magarrell contacted WVC about the error and also filed a FERPA violation complaint with the Department of Education.

Quick Facts

• Date: 3/29/2011
• Institution: New York University, Langone Medical Center
• Type of Incident: Theft
• Number Affected: 670 (2 Social Security Numbers)
• Source: OSF DataLoss DB
• Abstract Source: NYU Langone Medical Center Breach Notification

Abstract
New York University Langone Medical Center recently announced that patient information may be at risk following the theft of a computer from a physician's office. The computer, used for research and stolen from the NYU School of Medicine Faculty Group Practice on January 27, contained the names, diagnosis, results of diagnostic tests, and clinical information gathered during office visits on 653 patients between April 1999 and September 2008. An additional 26 letters were sent to individuals whose medical record numbers, home addresses, dates of birth, occupation and, in two cases, Social Security numbers may have been contained on the computer. A suspect in the theft has been arrested but the stolen computer was not recovered at the time. NYU Langone has setup a hotline - 1-877-698-2333 - to help provide more information to those affected by the theft.

Quick Facts

• Date: 3/29/2011
• Institution: University of Regina
• Type of Incident: Penetration
• Number Affected: None
• Source: ESI
• Abstract Source: CBC

Abstract
The University of Regina recently announced that a security breach caused the university to shutdown its main web server. The breach appeared to effect only the web site. While the server was compromised university officials state that no confidential information was accessed by unauthorized individuals. Staff had corrected the problem causing the breach shortly after discovery.

Quick Facts

• Date: 3/18/2011
• Institution: University of Kent
• Type of Incident: Unauthorized Disclosure
• Number Affected: 615
• Source: ESI
• Abstract Source: ZDNet

Abstract
The University of Kent recently responded to a mistake that exposed the personal information of students registered with the Disability and Dyslexia Support Services at the university. The email, sent to inform students of arrangement being made for final exams, contained the names of 615 students in the CC field, exposing their names, email addresses and the fact that they receive support from Disability and Dyslexia Support Services to the other students. In a second email university officials apologized for the disclosure of protected information and had reported the incident to the Office of the Information Commissioner.

Quick Facts

• Date: 3/14/2011
• Institution: University of York
• Type of Incident: Unauthorized Disclosure
• Number Affected: 17,904
• Source: ESI
• Abstract Source: Nouse - University of York's Student Website

Abstract
The University of York is apologizing after a university website may have exposed personal student information. It was recently discovered that a student inquiry screening function enabled on the University of York web site disclosed personal details such as names, mobile phone numbers, home and university addresses, dates of birth, email addresses, and emergency contact information for 17,094 undergraduate, post-graduate and part-time students. The information was available to the general public and could be retried by entering as little as initials or course information. According to Stephen Town, University of York's Director of Information, the university rectified the situation as soon as it was notified and has notified the Information Commissioner about the breach. The university apologized for the incident and has launched an investigation to fully review data security at the university.