Educational Security Incidents (ESI)

Quick Facts

• Date: 6/29/2007
• Institution: Robeson Community College
• Type of Incident: Theft
• Number Affected: 9 to 24
• Source: Pogo Was Right
• Abstract Source: The Fayetteville Observer

Abstract
Robeson Community College is reporting that at least two dozen donation checks, mostly belonging to employees of the college, were stolen during a recent fundraiser by the Robeson Community College Foundation. According to Robeson officials, the thief took the checks but left the cash donations alone even though the two donations were next to each other. Soon the reason for this became clear. The thief used the checking account number and routing numbers to create fake checks which have been used to drain about $10,000 total from nine different employee checking accounts. The good news for the employees is that the banks are on alert and are not processing these checks. Robeson officials have also contacted all donors to alert them about the theft as a precaution.

Quick Facts

• Date: 6/28/2007
• Institution: University of Florida
• Type of Incident: Theft
• Number Affected: 946
• Source: ESI
• Abstract Source: WJXT, Jacksonville

Abstract
Shands Hospital and the University of Florida called in the police to investigate the theft of a hard drive containing patient information. In all, the stolen hard drive contained 946 patient records, including names, medical record numbers, birth dates and medical information. According to a police report, the drive was stolen from UF on May 30, but was not reported to the police until June 6. This delay makes it very difficult to investigate the theft according to police. According to UF, new security measures are in place to help prevent future thefts.

Quick Facts

• Date: 6/27/2007
• Institution: University of California, Davis
• Type of Incident: Penetration
• Number Affected: 1,495
• Source: ESI
• Abstract Source: MSN Money
• Update Source: UC Davis News & Information

Abstract
University of California, Davis officials are alerting applicants to the university's School of Veterinary Medicine over a recently discovered computer security breach. UC Davis discovered that unknown individuals had gained unauthorized access to 1,120 2007-2008 prospective student applications and 375 applications for the 2004-2005 school year. Contained on these applications are student names, birth dates, Social Security numbers and school history. UC Davis became aware of the breach when an accepted student went to register for a computer account and was told an account already existed for them. UC Davis campus police are investigating this incident with the help of the Sacramento Valley High Tech Crimes Task Force.

Update: In a June 27 letter to all affected individuals, UC Davis Dean of the School of Veterinary Medicine Bennie Osburn announced that the university will pay for one year of credit monitoring service for all affected individuals. In addition, the letter urged individuals to learn more follow the steps outlined on the FTC's web site, the Social Security Administration's anti-fraud hotline and the Identity Theft Victim Web site. Any student affected by this incident that was admitted to the School of Veterinary Medicine was asked to change their computer account password and fill out challenge questions to help prevent misuse in the future.

Quick Facts

• Date: 6/27/2007
• Institution: Bowling Green State University
• Type of Incident: Loss
• Number Affected: 199
• Source: ESI
• Abstract Source: Toledo Blade

Abstract
Bowling Green State University is alerting student that their personal information was contained on a flash drive that has been lost. The drive, belonging to accounting professor W. David Albrecht, contained the names and Social Security numbers of 199 students that took Mr. Albrecht’s classes in 1992. Bowling Green phased out the use of Social Security number in 1992, but is alerting all of Albrecht’s 1,800 students since 1992 as a precaution. At this point, Bowling Green does not believe the drive was stolen. Bowling Green is offering all 1992 student affected by the incident one year of free credit monitoring service.

Quick Facts

• Date: 6/21/2007
• Institution: University of Tokyo
• Type of Incident: Loss
• Number Affected: 120
• Source: Pogo Was Right
• Abstract Source: Mainchi Daily News (via MSN)

Abstract
Tokyo University hospital has announced the loss of documents containing the personal information on 120 patients. Contained on these documents are patient birthdates, telephone number and illness names for each patient. The documents were kept at a nurse’s station and were first noticed missing on June 11. The hospital has since apologized to all affected patients.