Quick Facts

• Date: 5/6/2011
• Institution: Central Oregon Community College
• Type of Incident: Penetration
• Number Affected: Unknown
• Source: ESI
• Abstract Source: KTVZ

Abstract
Central Oregon Community College recently notified users after taking the college's web site down following a two security breaches. According to notices sent by COCC officials, the web site was taken down on Wednesday and then again on Thursday following security breaches of the site on both days. While originally COCC did not believe any personal information was at risk, additional investigation showed the attacker(s) may have had accesses to 2011 COCC nursing program applicant data and 2012 COCC Foundation scholarship data. According to the notices sent to students in each of these groups, the applications did not contain credit card or Social Security numbers, but did contain email addresses and COCC ID numbers. According to the college, investigations are still ongoing to make sure no additional personal or sensitive information is at risk following the breaches. COCC is working with local and federal law enforcement during the investigation.

Quick Facts

• Date: 4/29/2011
• Institution: Trinity College Dublin
• Type of Incident: Unauthorized Disclosure
• Number Affected: Unknown
• Source: DataBreaches.net
• Abstract Source: Irish Times

Abstract
Trinity College Dublin recently announced the discovery of a file containing student and information was available to anyone on the college network. The file, which was accessible between August 2009 and March 2011, contained the names, addresses, ID numbers and email addresses of TCD students and staff. In the announcement to those affected, TCD officials stressed the fact that the file was not accessible via the Internet, only the campus network. As required by data privacy legislation, TCD reported this incident to the Data Protection Commissioner.

Quick Facts

• Date: 4/18/2011
• Institution: Central Ohio Technical College
• Type of Incident: Unauthorized Disclosure
• Number Affected: 617
• Source: ESI
• Abstract Source: The Columbus Dispatch

Abstract
Central Ohio Technical College recently notified students after educational records were discovered in a file cabinet at an area storage facility. The cabinet, found at the Apple Tree Auction Center, contained course registration cards containing the names and Social Security numbers of 617 students registered for classes in Fall 2010. The cabinet was accidentally sent to storage when the college moved the Student Records office. Since January 2011, the college no longer records Social Security numbers on course registration cards. According to Central Ohio Technical College spokeswoman Alice Hutzel-Bateson, the records were back in the college's possession within 24 hours. The college is offering 12 months of free credit monitoring to those affected by this accident. Students with questions are asked to contact the college's Registrar Jackie Stewart at 740-364-9599.

Quick Facts

• Date: 4/18/2011
• Institution: Eastern Illinois University
• Type of Incident: Student Misconduct
• Number Affected: Unknown
• Source: ESI
• Abstract Source: Eastern Illinois University Press Release

Abstract
Eastern Illinois University recently announced the potential exposure of sensitive information after the improper disposal of paper records. The records, contained in two bags taken by a student worker as part of a prank, contained the names and Social Security numbers of individuals employed by EIU in 2002. At this point, the university is working to identify the individuals affected. Coles County Sheriff's Department notified the university on Friday morning that coarsely shredded documents had been dumped roadside. The university responded quickly and staff were sent to find and collect the shredded documents. While the records were shredded in accordance with state guidelines, sensitive information may have been visible. The university is working to institute procedures to prevent a similar incident in the future.

Quick Facts

• Date: 4/14/2011
• Institution: National University of Ireland, Galway
• Type of Incident: Unauthorized Disclosure
• Number Affected: Unknown
• Source: DataBreaches.net
• Abstract Source: NUI Galway Notice

Abstract
The National University of Ireland, Galway recently announced that a file containing personal student information was accidentally made available. The file contained the names, student ID numbers, email address, and mobile phone numbers of students from 2008. The data was exposed after a security issue with the NUI Galway Clubs and Societies computer housing the file and the university believes the file was accessed multiple times between September 2008 and December 2009. The university setup a hotline - 091 492852 - to help answer questions those affected might have.