Educational Security Incidents (ESI)

Quick Facts

• Date: 8/1/2008
• Institution: University of Texas, Dallas
• Type of Incident: Penetration
• Number Affected: 9,100
• Source: ESI
• Abstract Source: Dallas News

Abstract
The University of Texas, Dallas is working to notify students, faculty and staff after staff discovered a computer breach on July 12. The computer contained names, addresses, telephone numbers, e-mail addresses and Social Security numbers on 9,100 individuals. The university does not know if the intruder(s) gained access to the Social Security numbers. According to the letter sent to affected individuals, the breach affected: 4,406 students on the Dean List or graduated between 2000 and 2006, 3,892 students that took part in a 2002 Office of Undergraduate Education survey, 88 Facilities Management staff members, and 716 faculty and staff listed on a 2002 space inventory.

Quick Facts

• Date: 7/11/2008
• Institution: University of Texas, Austin
• Type of Incident: Unauthorized Disclosure
• Number Affected: 2,490
• Source: SSNBreach.org
• Abstract Source: SSNBreach.org Media Release

Abstract
SSNBreach.org has announced that it discovered containing personal and sensitive information on University of Texas, Austin students and staff was available online. The information, contained in over 60 different files, contained information such as names, addresses, 66 social security numbers, 459 partial social security numbers, phone numbers, e-mails, scores, GPA, GRE Scores, Majors, Race, Gender, GPA, phone numbers, tax information, and other personal information. The files were found to have been posted online by at least four different faculty members. The university restricted access in January after being notified by SSNBreach.org but the files were still accessible through search engine caches through at least May 2008.

Quick Facts

• Date: 4/23/2008
• Institution: University of Texas Health Science Center at Tyler
• Type of Incident: Unauthorized Disclosure
• Number Affected: 2,000
• Source: Attrition.org
• Abstract Source: Tyler Morning Telegraph

Abstract
The University of Texas Health Science Center at Tyler is apologizing to patients after a it discovered that medical bills sent out clearly displayed patient Social Security numbers. A technical problem at CBE Group Inc., a collections agency used by UTHSCT, caused Social Security numbers to be printed on roughly 2,000 billing envelopes. UTHSCT is not aware of exactly how many individuals were affected since multiple bills could have been sent to a single individual. While UTHSCT is confident the exposure was limited since the information was not circulating around in public areas, the hospital takes full responsibility for the incident. UTHSCT urges anyone affected by this incident to contact the hospitals billing office. According to UTHSCT COO Rob Marshall, "It was a small glitch that we absolutely own up to and want to be able to take care of anyone who has issue as a result."

Quick Facts

• Date: 1/5/2008
• Institution: University of Texas, Austin
• Type of Incident: Unauthorized Disclosure
• Number Affected: 13
• Source: SSNBreach.org
• Abstract Source: SSNBreach.org Media Release

Abstract
SSNBreach.org discovered a file containing student information available online at the University of Texas, Austin. The file, placed online by Dr. K. Sathasivan of the College of Natural Sciences, contained the names, Social Security numbers, test scores, assignment scores and grades of 13 students from Dr. Sathasivan's Biology 331 course. The university removed the files within hours of notification.

Quick Facts

• Date: 10/10/2007
• Institution: University of Texas, Austin
• Type of Incident: Unauthorized Disclosure
• Number Affected: 22
• Source: ESI
• Abstract Source: SSNBreach.org

Abstract
SSNBreach.org has release another press release about an educational institution exposing private student information online. The University of Texas at Austin had six files on an unsecured FTP site that contained student information including names, Social Security numbers, gender, majors, grades, and e-mail address on 22 current and former students. Both the university and the FBI were contacted over this incident. The university immediately took action to remove this files and is working to contact these individuals about the problem. According to the Chief Information Security Officer Cam Beasley "The University of Texas at Austin takes these matters seriously and we are actively working to secure this information."