Quick Facts

• Date: 3/4/2011
• Institution: University of South Carolina, Sumter
• Type of Incident: Penetration
• Number Affected: 31,000
• Source: ESI
• Abstract Source: The Post and Courier, The State

Abstract
The University of South Carolina recently notified individuals that their personal information may have been exposed during a January 2011 security breach. The notices were sent to 31,000 faculty, staff, students and retirees at all eight University of South Carolina campuses after the breach of a server that is used by USC campuses to share data and information. The university does not have any evidence that personal information was accessed during the breach. The affected server was taken offline within two hours of discovering the breach in January. However, notices did not go out until all individuals potentially affected had been identified on March 1. According to USC spokeswoman Margaret Lamb, the university has addressed the issue, notified the individuals affected and provided these individuals with information on how to protect themselves from identity theft. It is not clear how the breach occurred, but according to Lamb the cause was human error.

Updated to correct typos. Special Thanks to Allison Dolan for pointing out the error. - Adam

Quick Facts

• Date: 4/24/2010
• Institution: University of South Carolina Beaufort
• Type of Incident: Theft
• Number Affected: 488
• Source: Data Loss DB
• Abstract Source: The Island Packet

Abstract
University of South Carolina Beaufort recently notified former students following the theft of a university laptop that may have contained personal information. The laptop, which belonged to the Office of Housing and Residence Life and was stolen from the house of an staff member's relative, at one time contained the names and Social Security numbers of 488 former students enrolled at USCB between 2005 and 2006. In the letter, university officials urged those affected to place an Initial Fraud Alert on their credit report. The theft is being investigated by the Atlanta Police Department as well as USCB's Division Of Law Enforcement and Safety.

Quick Facts

• Date: 6/9/2008
• Institution: University of South Carolina
• Type of Incident: Theft
• Number Affected: 7,000
• Source: ESI
• Abstract Source: The State

Abstract
The University of South Carolina is working to alert students, faculty and staff about the potential exposure of personal information after a Memorial Day weekend theft. A computer that could contain the personal information on 7,000 USC individuals, including 130 faculty members, was one of several items stolen over the Memorial Day weekend from an office in the university's Moore School of Business. According to a university spokesperson while the university has no evidence that personal information was accessed the university feels it has a responsibility to notify the individuals whose personal information was contained in the computer. Individuals affected include faculty and staff of the Moore School of Business as well as individuals enrolled in business courses last year.

Note: The link to the University of South Carolina has been updated. My apologies for the typo that caused the link to point to the University of Southern California. Thank you to Jackie Bannister for alerting me to the error.

Quick Facts

• Date: 9/6/2007
• Institution: University of South Carolina
• Type of Incident: Unauthorized Disclosure
• Number Affected: 1,482 [Updated]
• Source: ESI
• Abstract Source: The Daily Gamecock
• Update1 Source: The Charlotte Observer

Abstract
Aaron Titus of SSNBreach.org made a startling discovery over the weekend when a Yahoo search returned a spreadsheet contain the names, Social Security numbers, assignment scores, test scores, course grades and indications of academic misconduct on 3,199 University of South Carolina students. The spreadsheet was found on USC's Biological Sciences Department web site. Titus notified the university and the FBI on the same day the file was discovered and USC immediately began removing the information. However, the information still remained in major search engine indexes according to Titus. In an odd turn, it seems that USC has yet to inform the students affected by this incident. According to second-year chemistry student, Elyse Coolidge, "I feel disappointed [over the lack of notification]. If the university knows they made a mistake, they should at least have the integrity to tell me."

Update1
According to USC spokesperson Russ McKinney the total number of USC students affect by the breach stands at 1,482. McKinney also stated that the university takes this matter very seriously and is investigating exactly what occurred. At this point, it appears that the individual responsible for placing the information on the web was not aware that the file would be accessible to individuals outside of the university.

Quick Facts

• Date: 8/26/2006
• Institution: University of South Carolina
• Type of Incident: Penetration
• Number Affected: 6,000
• Source: Attrition.org
• Abstract Source: The State (via Attrition mirror)

Abstract
The University of South Carolina recently warned 6,000 students that their personal information is a risk due to a computer breach. A recent computer security audit reveled that an unknown individual gained unauthorized access to a computer server back in September 2005. This server contained student information including names and Social Security numbers. The university is not aware of any illegal use of this information but expresses regret over the incident. According to officials the incident should have occurred and USC has secured the server.