Educational Security Incidents (ESI)

Quick Facts

• Date: 9/10/2007
• Institution: Purdue University
• Type of Incident: Unauthorized Disclosure
• Number Affected: 111
• Source: ESI
• Abstract Source: Journal and Courier Online

Abstract
Purdue University is alerting 111 student about a file found on the Internet containing student information. The file, stored on an unused but still available web page, contained student names and Social Security numbers. This incident affects students enrolled in the Fall 2004 Animal Sciences 101 class at the university. Purdue has since removed the web page and notified the 111 students affected by the incident. In addition, Purdue has setup a hotline - 866-275-1181 - for any student that did not receive a letter but believes they might be affected by the incident. More information on this incident can be found at www.purdue.edu/news/coa0709.html.

Quick Facts

• Date: 7/18/2007
• Institution: Purdue University
• Type of Incident: Unauthorized Disclosure
• Number Affected: 50
• Source: Pogo Was Right
• Abstract Source: Inside Indiana Business

Abstract
Purdue University is apologizing to students after it discovered a web page containing student information was available on the Internet. This page, containing the names and Social Security numbers of 50 students, was discovered during a routine review of the Purdue web space. The individuals affected by this incident involve those students enrolled in the university's industrial engineering 500-level course between spring 2002 and fall 2004. Purdue has already mailed out letters to those affected students, but has setup a hotline - 866-605-0013 - and a web site - www.purdue.edu/news/coe0706.html - to help answer any questions students have about the incident.

Quick Facts

• Date: 4/24/2007
• Institution: Purdue University
• Type of Incident: Unauthorized Disclosure
• Number Affected: 175
• Source: ESI
• Abstract Source: BoilerStation

Abstract
Purdue University is alerting students to a possible breach of student information. Recently, a web site containing the names and Social Security Numbers of 175 Purdue students was found on the Internet. Purdue officials do not currently know how this information ended up on the web site, but are investigating the incident. Purdue is attempting to contact all affected individuals, but admits that contact information for those students no longer attending the university might be out of date. Purdue has created a hotline - (866) 307-8513 - and web site - www.purdue.edu/news/coe0704.html - for anyone that has concerns about this incident.

Quick Facts

• Date: 09/22/2006
• Institution: Purdue University
• Type of Incident: Penetration
• Number Affected: 2,500
• Source: InfoSec News
• Abstract Source: FortWayne.com

Abstract
Purdue University notified individuals who attend the university in 2000 about a recently discover security breach. 2,500 alumni were told that their personal information, including Social Security numbers and names, may have been accessed by an unauthorized individual. Purdue officials discovered that a workstation in the chemistry department might have been accessed by an unauthorized individual who installed remote access software on the computer. This computer was found to contain a Feb 2000 files that contained former student information.

Quick Facts

• Date: 4/26/2006
• Institution: Purdue University
• Type of Incident: Penetration
• Number Affected: 1,351
• Source: Privacy Rights Clearinghouse
• Abstract Source: Purdue

Abstract

Purdue University notified 1,351 current and former graduate students, graduate applicants and a small number of undergraduate that a recent computer breach possible exposed personal information. The compromised computer contained names and Social Security numbers among other information. Purdue has no record that this information was accessed, but cannot rule this possibility out.