Quick Facts

• Date: 1/24/2010
• Institution: University of Missouri
• Type of Incident: Unauthorized Disclosure
• Number Affected: 750
• Source: ESI
• Abstract Source: KRCG

Abstract
The University of Missouri recently began notifying employees after a mix-up in mailing information was reported by a contractor. On Jan 21st, letters were sent to 750 employees after Coventry Health Care, which manages the university's insurance program, mailed health benefit statements, health services letters and new ID cards to the incorrect addresses. According to Coventry, a computer error caused names to be aligned with the wrong address. The university became aware of the problem on January 14th when an employee reported getting a letter from Coventry intended for another person. On January 20th, Coventry responded to the university with an explanation of the error as well as the safeguards being put in place to avoid a similar issue in the future. The letters to the affected employees urges them to monitor their insurance claims for signs of misuse. Coventry has not issued new ID cards to those affected because the Coventry ID number is a variation of the University of Missouri ID number.

Quick Facts

• Date: 1/21/2010
• Institution: University of Missouri System
• Type of Incident: Unauthorized Disclosure
• Number Affected: up to 75,000
• Source: ESI
• Abstract Source: Missourian

Abstract
The University of Missouri System recently sent an email informing students that their personal information may have been exposed on tax form. An unknown number of the over 75,000 1098-T forms sent to University of Missouri System students displayed student Social Security Numbers in the envelope window. According to Campus Mail Services, the SSNs became visible in the window due to a folding error. According to Nikki Krawitz, UM vice president of finance and administration, a project is in the works to move the University of Missouri System away from using Social Security Numbers as unique student identifiers. Krawitz also encouraged concerned students and parents to take advantage of credit monitoring through Experian which is available at a reduced rate.

Quick Facts

• Date: 5/8/2007
• Institution: University of Missouri
• Type of Incident: Penetration
• Number affected: 22,396 (See Update)
• Source: ESI, Pogo Was Right
• Abstract Source: Columbia Missourian
• Update Source: Columbia Tribune

Abstract
The University of Missouri is urging current and former staff members to closely monitor their credit reports after a recent security breach. An unknown individual was able to gain access to an MU database containing personal information on current and former MU employees. Information contained in the database includes names and Social Security numbers. According to MU officials this unknown intruder did intentionally access some of the records in the database. Since the motivation of this individual is not yet know, MU is urging all staff take steps to protect themselves. According to MU Vice President for Information Technology Gary K. Allen, MU takes this incident very serious and has notified local law enforcement.

Update: As more reports come to light, this incident involved the unknown individual(s) gaining access to a report complied from 2004 staff and student information and contained information on 22,396 individuals. This intruder was able to gain access to this report through a Web page used to make inquires into open problem calls from the UM help desk. The report has since been removed from the UM systems. UM has setup a a hotline - 573-884-7222 and 866-241-5619 - as well as a Web site - http://doit.missouri.edu/computersecurity - to help answer questions about this incident.

Quick Facts

• Date: 2/2/2007
• Institution: University of Missouri
• Type of Incident: Penetration
• Number Affected: 1,220
• Source: ESI
• Abstract Source: Columbia Tribune

Abstract
The University of Missouri announced today that last month a computer in a computer used by researchers at University of Missouri institutions. This server was used as an electronic clearinghouse for researchers applying for and receiving pay through grants. Contained on this server was personal information including names, Social Security numbers, and other payroll information. In addition, UM staff believes that more the 2,500 passwords for the system might have also been compromised. University of Missouri notified all individuals affected by this breach by e-mail or registered letter and urged them to closely monitor their credit reports for signs of misuse.