Educational Security Incidents (ESI)

Quick Facts

• Date: 6/23/2008
• Institution: Southeast Missouri State University
• Type of Incident: Employee Fraud
• Number Affected: 800
• Source: Pogo Was Right
• Abstract Source: KFVS

Abstract
Southeast Missouri State University is working to alert students after it discovered that student personal information may be at risk. During a review of activity logs, the university discovered that a former employee had access hundreds of student records. According to university officials, records of 800 students, which included names and Social Security numbers, were found in the former employee's computer files. The university has filed charges against the former employee. The university has also setup a web site - www.semo.edu/identityalert/ - where students can find more information. Students wish additional questions are encouraged to call - (573) 986-6800 - or e-mail - identityalert@semo.edu - the university.

Quick Facts

• Date: 6/12/2008
• Institution: Columbia University
• Type of Incident: Employee Fraud
• Number Affected: 5,000
• Source: Pogo Was Right
• Abstract Source: Columbia Spectator, NY Sun

Abstract
Columbia University is apologizing to students after it discovered that a file available through a Google-hosted Web site contained personal student information. The file in question, a Housing and Dining database, was apparently uploaded by a student working for the Housing department in 2007. The student information was available from February 2007 through June 3, 2008 when an alumna discovered the personal information through a Google search. The university worked with Google to remove the file from the hosted web site. The university is offering two years of credit monitoring for the affected individuals. A petition circulated by Columbia students condemned the Housing department. The petition also called for department to launch an investigation of the student worker responsible for the incident, publicly disclose the results of the investigation the department is lawfully able to disclose and publicly report the steps the department will take to screen employees' ability to properly handle confidential information.

Quick Facts

• Date: 4/28/2008
• Institution: University of Tokyo
• Type of Incident: Employee Fraud
• Number Affected: Unknown
• Source: ESI
• Abstract Source: Daily Yomiuri Online

Abstract
University of Tokyo officials moved to dismiss an associate professor after it was discovered this individual leaked graduate school entrance exam questions back in 2006. The former professor shared these questions with several students prior the exam date. It is not known how many students had advanced access to these questions, but it appears that some of the students that received the advance information are still attending the university.

Quick Facts

• Date: 3/20/2008
• Institution: Lasell College
• Type of Incident: Employee Fraud
• Number Affected: 20,000
• Source: Pogo Was Right
• Abstract Source: Lasell College News Advisory

  Abstract
  Lasell College is alerting 20,000 current and former students and staff that their personal information was illegally accessed by a college employee. The employee, a member of the Department of Information Technology, gained unauthorized access to a database containing names and Social Security numbers. The college became aware of the incident in early February after investigating suspicious activity. Lasell has also contacted law enforcement who has started their own investigation. Lasell College has setup a hotline - 617-243-2140 - and a web site - www.lasellemergency.net - to help answer any questions individuals may have.

Quick Facts

• Date: 2/28/2008
• Institution: Asahikawa Medical College
• Type of Incident: Employee Fraud
• Number Affected: 2,220
• Source: ESI
• Abstract Source: Daily Yomiuri Online

Abstract
Asahikawa Medical College recently announced that it discovered 2,220 test samples taken from individuals had been leaked, along with some personal information, to four different companies in five different leaks occurring over a two and a half year period. This leak included samples taken during HIV and syphilis tests and of the 2,220 samples leaked, 1,800 syphilis samples included patient names and other personal information. During the investigation into the leak, the medical college found that the four companies receiving the samples donated about 3.85 million yen to the hospital's clinical laboratory blood transfusion department, which is the department that leaked the samples. The medical college plans to severely punish the four individuals involved in the leak. The hospital has made plans to recover the leaked samples, expect for those already destroyed, and has apologized to those individuals whose personal information was exposed.