ECU Web Site Exposes 65,000 Records
Quick Facts
- Date: 2/9/2007
- Institution: East Carolina University
- Type of Incident: Penetration
- Number Affected: 65,000
- Source: ESI
- Abstract Source: WRAL
Abstract
East Carolina University is planning to notify 65,000 students, staff and alumni about a recent security breach in the university's online OnePass web site. A programming error made it possible for anyone to be able to view files created by the OnePass system. These files contained personal information on over 65,000 individuals, including names, Social Security numbers and even credit card information. While ECU is not aware of any mass downloads, it is aware that at least 21 credit card records were accessed by unauthorized individuals. An ECU student first noticed this problem in last January and immediately notified police. ECU staff had the OnePass site secured less then 15 minutes after police notified them of the problem. ECU officials announced the university is planning an internal and external audit of all technology systems.
