Georgetown University
38,000 SSNs At Risk After Georgetown Theft
Quick Facts
- Date: 1/29/2008
- Institution: Georgetown University
- Type of Incident: Theft
- Number Affected: 38,000
- Source: ESI
- Abstract Source: The Hoya
Abstract
Georgetown University is notifying students, alumni, faculty and staff over the January 3rd theft of a USB Hard Drive from the university's Leavey Center. The Hard Drive, used to backup a computer used for billing purposes, contained the names, Social Security numbers, activities fees and student insurance billing information on 38,000 members of Georgetown's university community, including 25,000 alumni. The files on the drive include all students enrolled in the university between 1998 and 2006. The university plans to hold campus-wide information sessions and setup a hotline to help answer student questions about the incident.
E-Health Trial Puts Patient Data At Risk
Quick Facts
- Date: 7/25/2006
- Institution: Georgetown University
- Type of Incident: Unauthorized Disclosure
- Number Affected: 5,600 to 23,000
- Source: Attrition.org
- Abstract Source: Wired
Abstract
A trial run of an electronic prescription-writing program ends in the accidental exposure of 5,600 to 23,000 Georgetown University Hospital patient data. The patient information was exposed online due to a hard-coded database password. While no medial data was exposed, names, addresses, Social Security numbers, and dates of birth were available. This flaw in the online system was discovered by a computer consultant while working to install the medical software, InstantDx, for a client. There is no evidence that any unauthorized individuals had access the Georgetown University Hospital information but the Hospital has suspended the trail program.
InstantDX was quick to accept responsibility and has since secured its systems. The company chairman and CEO Allan Weinstein calls the incident "a one-time quirk."
Secret Service Investigates Georgetown Computer Breach
Quick Facts
- Date: 3/6/2006
- Institution: Georgetown University
- Type of Incident: Penetration
- Number Affected: 41,000
- Source: InfoSec News
- Abstract Source: ComputerWorld
Abstract
The US Secret Service has been called in to investigate the breach of a Georgetown University server that contained the names, dates of birth, and Social Security numbers of more then 41,000 people. The server was part of a grant project to manage information on various services provided by the Office of Aging in the District of Columbia. The breach was first noticed on Feb 12 by the Georgetown information security office. Georgetown notified the Office for the Aging on Feb 24 after the University understood the full scope of the exposure. The Secret Service was brought in on Feb 27 to aid in the investigation. The server in question was run and administered by an individual researcher and not by Georgetown University.
