Educational Security Incidents (ESI)

Quick Facts

• Date: 5/31/2006
• Institution: Florida International University
• Type of Incident: Penetration
• Number Affected: Unknown
• Source: InfoSec News
• Abstract Source: CBS4, Miami, FL

Abstract

Florida International University sent out notice "postcards" to students alerting the students to a computer breach that occurred two months ago. According to the University a hacker was able to compromise a database containing the names and Social Security numbers of FIU students and applicants. FIU officials have yet to comment about the delay in notification, which has caused worry among the affected students.

Quick Facts

• Date: 5/26/2006
• Institution: California State University, Stanislaus
• Type of Incident: Unauthorized Disclosure
• Number Affected: 1,294
• Source: Attrition.org
• Abstract Source: CSU Stanislaus Newsline

Abstract
CSU Stanislaus is alerting 1,294 students that their personal information might have been exposed after a file containing student names, addresses, employer information and Social Security numbers was discovered to be available in Google's cache. The file in question was initially leaked to the Google search engine in October 2005 but was quickly removed from both the CSU server and Google's search index. However, it appears that the file remained accessible to all through Google's Google Cache. CSU Stanislaus is currently working with the affected students, offering them one year of free credit monitoring with Equifax.

Quick Facts

• Date: 5/26/2006
• Institution: Sacred Heart University
• Type of Incident: Penetration
• Number Affected: 135,000
• Source: Security News Portal
• Abstract Source: ZDNet UK

Abstract

An attacker was able to breach the computer systems of Sacred Heart University earlier this month. Although little is known about the breach, the university notified 135,000 individuals that their personal information might have been compromised. The information exposed includes Social Security numbers, names, address, and other personal information. Attempts to speak with university officials concerning the breach have been unsuccessful.

Quick Facts

• Date: 5/23/2006
• Institution: University of Delaware
• Type of Incident: Penetration
• Number Affected: 1,076
• Source: Attrition.org
• Abstract Source: University of Delaware UDaily

Abstract
The University of Delaware is alerting over 1,000 students that a recent breach of a UD Public Safety computer exposed personal information including names, Social Security numbers, and Drivers License numbers. According to university officials it appears this individuals was after the student information on this server and was able to copy some of the information. Officials were quick to point out that university employees quickly enacted the university's incident response plan once the breach was identified. In addition to sending out letters, the university has setup a web site (http://www.udel.edu/security/identitytheft.html) to help answer any questions that students may have.

Quick Facts

• Date: 5/16/2006
• Institution: University of California, Berkeley
• Type of Incident: Penetration
• Number Affected: 1,200
• Source: Attrition.org
• Abstract: Berkeley

Abstract
A recent computer virus investigation at UC Berkeley uncovered unauthorized access within Berkeley's Cal 1 Card (C1C). Stored on the C1C computer were archived spreadsheets containing student information including names and Social Security numbers. A thorough investigation into this incident reveled no evidence that the unknown intruder accessed these spreadsheets. However, UC Berkeley is alerting 1,200 current and former students about the incident and urging them to closely monitor their credit.