Personally Identifying Information
University of Indianapolis Computer System Breached
Quick Facts
- Date: 9/30/2008
- Institution: University of Indianapolis
- Type of Incident: Penetration
- Number Affected: 11,000
- Source: Attrition.org
- Abstract Source: Chicago Tribune
Abstract
The University of Indianapolis has begun notifying students, faculty and staff after an unknown individual breached a computer system containing personal information. The computer system affected contained records dating back more then two years that contained the names and Social Security numbers on 11,000 students, faculty and staff. U. Indy became aware of the breach after another school notified the university. The university is working with outside consultants to investigate the incident. According to University of Indianapolis president Beverley J. Pitts, "Our investigation leaves no doubt that this was a professional job by hackers from outside, and it was well beyond our control". U. Indy is offering affected individuals one year of free credit monitoring.
Former Sonoma State University Student Information Exposed
Quick Facts
- Date: 9/26/2008
- Institution: Sonoma State University
- Type of Incident: Unauthorized Disclosure
- Number Affected: 600
- Source: Pogo Was Right
- Abstract Source: The Press Democrat
Abstract
Sonoma State University officials are alerting former computer science students after the university became aware of a problem with an internal server. The server, an internal Web server, held a roster containing the names and Social Security numbers of about 600 former SSU computer science majors. While the file was not directly linked from any web page, it was discovered through a web site "crawler" program a former student ran. SSU officials immediately removed the file as soon as they were made aware of the problem. While the site was only accessible by a small number of individuals, SSU has alerted all of the affected individuals and suggests they monitor their credit reports for fraudulent activities.
TAMU Corpus Christi Computer Breached
Quick Facts
- Date: 9/19/2008
- Institution: Texas A&M University, Corpus Christi
- Type of Incident: Penetration
- Number Affected: 31
- Source: Pogo Was Right
- Abstract Source: KIIITV
Abstract
Texas A&M University, Corpus Christi announced that it discovered an unknown individual(s) gained access to a TAMU-CC server containing student information. The server in question contained an Economics-2301 class roster from 2004. This roster contained 31 student names and Social Security numbers. TAMU-CC discontinued the use of Social Security numbers as student identifiers in 2007.
[Update1]Tennessee State University Student Financial Aid Information Missing
Quick Facts
- Date: 9/12/2008
- Institution: Tennessee State University
- Type of Incident: Loss
- Number Affected: 9,000
- Source: ESI
- Abstract Source: Nashville Post
- Update1 Source: News Channel 5
Abstract
Tennessee State University recently announced that a flash drive containing student financial information has turned up missing. The drive, containing the names, Social Security numbers and financial records of over 9,000 TSU students dating back to 2002, was last seen Monday. TSU plans to have contacted all affected individuals by Friday of next week. TSU is offering one year of credit monitoring to all affected students. According to university officials, it appears the information was neither encrypted nor password-protected which is against university policies. The TSU Department of Internal Audit has launched an investigation into this incident and the employee that lost the flash drive has been placed on paid leave pending the outcome of the investigation.
Update1
According to a statement by TSU President Melvin Johnson the university has recovered the flash drive. Apparently the flash drive was taken by a student from the forum and used to save a paper. While the university does not believe the financial information was accessed, an audit is being conducted by the state to verify the data was not copied or tampered with.
University of Iowa Computer Breach Exposes Student Information
Quick Facts
- Date: 9/11/2008
- Institution: University of Iowa
- Type of Incident: Penetration
- Number Affected: 500
- Source: ESI
- Abstract Source: Press-Citizen
Abstract
The University of Iowa began notifying students after a computer containing student information was breached. The computer, belonging to the university's College of Engineering, contained the names and Social Security numbers of 500 students. According to the university, it seems the machine was compromised to be used as storage for copies of music and movies. It does not appear that the files containing student information were accessed during the breach.
