Educational Security Incidents (ESI)

Quick Facts

• Date: 6/3/2008
• Institution: University of California, Irvine
• Type of Incident: Employee Fraud (updated)
• Number Affected: 1,132
• Source: Pogo Was Right
• Abstract Source: ComputerWorld
• Update1 Source: The Mercury News

Abstract
A large number of ID theft crimes affecting University of California, Irvine medical students has been traced back to a data breach at UnitedHeathCare. A total of 1,132 current and former graduate students enrolled in the university's graduate student health insurance program could fall victim to tax scam. So far, 155 of these students have had criminals file false tax returns in the students name an collect the refunds. Only those students enrolled in the insurance program in 2006-2007 are affected. The University of California, Irvine has setup a web site - www.uci.edu/identitytheftalert/ - to answer questions about this incident.

Update1
Police have arrested a Fort Worth, Texas man in connection with the ID theft crimes affected UC Irvine students. Authorities allege that Micheal Tyrone Thomas stole a file containing UC Irvine student information while working for UnitedHealthcare. According to a UnitedHealthcare statement, the company is "outraged that a former employee may have illegally accessed information regarding certain University of California, Irvine, students and may have used the information for criminal purposes" and UnitedHealthcare is working with authorities on the case.

Quick Facts

• Date: 5/29/2008
• Institution: University of California, San Francisco
• Type of Incident: Penetration
• Number Affected: 3,569
• Source: Attrition.org
• Abstract Source: UCSF News Office

Abstract
The University of California, San Francisco is currently alerting a number of patients that their information may have been accessed by an unknown individual. In January 2008, UCSF noticed odd traffic coming from a computer in January and an investigation turned up that an unknown individual installed an unauthorized file sharing program on the computer. This computer also contained the names, Social Security numbers, dates of pathology service and health information of 2,625 UCSF patients and 944 patients whose tissue samples were used by the department. While there is no evidence the patient files were accessed, UCSF takes this incident and patient confidentiality very seriously. The university has created a hotline - 415-353-7427 - and e-mail address - PathHotline@ucsf.edu - to help answer any questions affected individuals might have.

Quick Facts

• Date: 5/2/2008
• Institution: University of California, San Francisco
• Type of Incident: Unauthorized Disclosure
• Number Affected: 6,313
• Source: ESI
• Abstract Source: San Francisco Chronicle

Abstract
The University of California, San Francisco is alerting patients after personal patient information connected with the university was found online. In October of 2007, UCSF became aware that patient information the university had shared with Target America Inc. to help identify potential donors was available online. The information available included the names, addresses, names of departments where patient received care and in some cases patient medical record numbers and physicians providing care on 6,313 UCSF patients. UCSF took immediate action to remove public access to the data once it was aware of the incident. In addition, UCSF ended the business agreement it had with Trade America shortly after the incident was discovered. UCSF is mailed notification letters to the affected patients in April. It is not known why UCSF waited so long to notify patients about the exposure.

Quick Facts

• Date: 11/5/2007
• Institution: University of California - Davis
• Type of Incident: Penetration
• Number Affected: 168
• Source: Pogo Was Right
• Abstract Source: SacBee

Abstract
It is believed that a UC Davis student is the individual behind a breach that occurred at the university last month. UC Davis staff was able to trace the unauthorized access of 168 student accounts back to one of the university dorms. At this point there is no evidence that this individual did more then just log into the accounts. Campus police are still investigating this incident. According to university officials, the suspected student has moved out of the university dorms and may have withdrawn from the university.

Quick Facts

• Date: 6/27/2007
• Institution: University of California, Davis
• Type of Incident: Penetration
• Number Affected: 1,495
• Source: ESI
• Abstract Source: MSN Money
• Update Source: UC Davis News & Information

Abstract
University of California, Davis officials are alerting applicants to the university's School of Veterinary Medicine over a recently discovered computer security breach. UC Davis discovered that unknown individuals had gained unauthorized access to 1,120 2007-2008 prospective student applications and 375 applications for the 2004-2005 school year. Contained on these applications are student names, birth dates, Social Security numbers and school history. UC Davis became aware of the breach when an accepted student went to register for a computer account and was told an account already existed for them. UC Davis campus police are investigating this incident with the help of the Sacramento Valley High Tech Crimes Task Force.

Update: In a June 27 letter to all affected individuals, UC Davis Dean of the School of Veterinary Medicine Bennie Osburn announced that the university will pay for one year of credit monitoring service for all affected individuals. In addition, the letter urged individuals to learn more follow the steps outlined on the FTC's web site, the Social Security Administration's anti-fraud hotline and the Identity Theft Victim Web site. Any student affected by this incident that was admitted to the School of Veterinary Medicine was asked to change their computer account password and fill out challenge questions to help prevent misuse in the future.