Quick Facts

• Date: 4/18/2011
• Institution: Eastern Illinois University
• Type of Incident: Student Misconduct
• Number Affected: Unknown
• Source: ESI
• Abstract Source: Eastern Illinois University Press Release

Abstract
Eastern Illinois University recently announced the potential exposure of sensitive information after the improper disposal of paper records. The records, contained in two bags taken by a student worker as part of a prank, contained the names and Social Security numbers of individuals employed by EIU in 2002. At this point, the university is working to identify the individuals affected. Coles County Sheriff's Department notified the university on Friday morning that coarsely shredded documents had been dumped roadside. The university responded quickly and staff were sent to find and collect the shredded documents. While the records were shredded in accordance with state guidelines, sensitive information may have been visible. The university is working to institute procedures to prevent a similar incident in the future.

Quick Facts

• Date: 12/4/2009
• Institution: Eastern Illinois University
• Type of Incident: Penetration
• Number Affected: 9,000
• Source: ESI
• Abstract Source: EIU Notice to Students, Daily Eastern News

Abstract
Eastern Illinois University recently began notifying current and former students as well as applicants after discovering a security breach involving a server containing applicant information. The server, used by the Office of Admissions, contained the electronic applications for admissions between March 10, 2000 and November 16, 2009. These applications contained names, Social Security numbers, dates of birth, mailing addresses and other contact information on 9000 individuals. The university discovered the server was participating in a botnet on November 16 and took action to remove the server from use. An investigation discovered the server was compromised on November 11. While university officials state there is no evidence anyone accessed the applicant data, Eastern is offering those affected a one year membership for identity theft protection through Experian. When asked about the three week delay in notifying affected individuals, Adam Dodge, Eastern's IT Security Officer, stated that many factors contributed to delay including an in-depth investigation by Dodge's office, gathering information on the individuals on the server, collecting and verifying address information, and contracting with Experian.

Quick Facts

• Date: 1/26/2007
• Institution: Eastern Illinois University
• Type of Incident: Theft
• Number Affected: 1,400
• Source: Attrition.org
• Abstract Source: Journal-Gazzette - Times Courier

Abstract
Eastern Illinois University has begun to notify 1,400 fraternity and sorority members that they are now at risk for identity theft. A theft recently made off with one desktop computer as well as the hard drives and memory from two other computers within EIU's Student Life office. This equipment contained a listing of all EIU fraternity and sorority members and included names, Social Security numbers, addresses and dates of birth for each member. These files were protected only by a sign-on password to the computer. EIU stressed the fact that only current current information was contained on this equipment and the Student Life office routinely purges old student records from its computer systems each semester. EIU officials also mentioned that the university is in the middle of phasing out most of the SSN usage on campus, a project scheduled to be completed by 2008.