Quick Facts

• Date: 1/26/2011
• Institution: East Carolina University
• Type of Incident: Penetration
• Number Affected: Hundreds
• Source: ESI
• Abstract Source: WNCT, WCTI 12

Abstract
Hundreds of East Carolina University students that used their ECU issued Higher One debit and credit cards at the University Book Exchange in mid-January have reported unauthorized charges following a breach of the UBE's systems. The fraudulent charges are for a wide range of goods and services mostly around the Los Angeles area. Don Edwards, owner of UBE, said they do not know how this happened but are studying the situation. While the investigation is still ongoing, UBE has implemented additional security measures to help protect customer data. Fortunately for ECU students, all Higher One cards have zero liability protections so students are not responsible for fraudulent charges.

Quick Facts

• Date: 2/8/2008
• Institution: East Carolina University
• Type of Incident: Unauthorized Disclosure
• Number Affected: 736
• Source: SSNBreach.org, Pogo Was Right
• Abstract Source: SSNBreach.org Press Release
• Update Source: WITN

Abstract
SSNBreach.org and the Liberty Coalition announced today that former East Carolina University professor Ken Butler's personal web site (www.ropehouse.com) contained over 60 files containing the personal information on 736 ECU students. The information contained in the files included names, 412 Social Security numbers, student grades and e-mail addresses. The information was backed up to this site by Butler in March 2005 and was not removed until January 2008 after the Liberty Coalition informed him the files were accessible through Google searches. According to SSNBreach.org, Butler was aware that the files would be available to anyone online, but did not believe the files would get indexed by major search engines. It is not known at this time if ECU is aware of the breach.

Update
SSNBreach.org and the Liberty Coalition also notified East Carolina University about this incident. According to John Durham, an ECU spokesperson, ECU is investigating the incidents and expects to begin notifying affected individual by the end of next week.

Quick Facts

• Date: 2/9/2007
• Institution: East Carolina University
• Type of Incident: Penetration
• Number Affected: 65,000
• Source: ESI
• Abstract Source: WRAL

Abstract
East Carolina University is planning to notify 65,000 students, staff and alumni about a recent security breach in the university's online OnePass web site. A programming error made it possible for anyone to be able to view files created by the OnePass system. These files contained personal information on over 65,000 individuals, including names, Social Security numbers and even credit card information. While ECU is not aware of any mass downloads, it is aware that at least 21 credit card records were accessed by unauthorized individuals. An ECU student first noticed this problem in last January and immediately notified police. ECU staff had the OnePass site secured less then 15 minutes after police notified them of the problem. ECU officials announced the university is planning an internal and external audit of all technology systems.