Eastern Illinois University
Eastern Illinois University Admissions Server Compromised By Virus
Quick Facts
- Date: 12/4/2009
- Institution: Eastern Illinois University
- Type of Incident: Penetration
- Number Affected: 9,000
- Source: ESI
- Abstract Source: EIU Notice to Students, Daily Eastern News
Abstract
Eastern Illinois University recently began notifying current and former students as well as applicants after discovering a security breach involving a server containing applicant information. The server, used by the Office of Admissions, contained the electronic applications for admissions between March 10, 2000 and November 16, 2009. These applications contained names, Social Security numbers, dates of birth, mailing addresses and other contact information on 9000 individuals. The university discovered the server was participating in a botnet on November 16 and took action to remove the server from use. An investigation discovered the server was compromised on November 11. While university officials state there is no evidence anyone accessed the applicant data, Eastern is offering those affected a one year membership for identity theft protection through Experian. When asked about the three week delay in notifying affected individuals, Adam Dodge, Eastern's IT Security Officer, stated that many factors contributed to delay including an in-depth investigation by Dodge's office, gathering information on the individuals on the server, collecting and verifying address information, and contracting with Experian.
Theif Makes Off With EIU Student Information
Quick Facts
- Date: 1/26/2007
- Institution: Eastern Illinois University
- Type of Incident: Theft
- Number Affected: 1,400
- Source: Attrition.org
- Abstract Source: Journal-Gazzette - Times Courier
Abstract
Eastern Illinois University has begun to notify 1,400 fraternity and sorority members that they are now at risk for identity theft. A theft recently made off with one desktop computer as well as the hard drives and memory from two other computers within EIU's Student Life office. This equipment contained a listing of all EIU fraternity and sorority members and included names, Social Security numbers, addresses and dates of birth for each member. These files were protected only by a sign-on password to the computer. EIU stressed the fact that only current current information was contained on this equipment and the Student Life office routinely purges old student records from its computer systems each semester. EIU officials also mentioned that the university is in the middle of phasing out most of the SSN usage on campus, a project scheduled to be completed by 2008.
