Month of July, 2008
Library Database Breach Exposes Patron Data From Three Institutions
Quick Facts
- Date: 7/25/08
- Institution: Connecticut College, Trinity College, Wesleyan University
- Type of Incident: Penetration
- Number Affected: 2,800 - Connecticut College, 3 - Trinity College, 12 - Wesleyan University
- Source: ESI
- Abstract Source: Connecticut College News Release
Abstract
Connecticut College, Trinity College and Wesleyan University are working to alert over 2,800 library patrons after an unknown individual or individuals gained unauthorized access to library databases. The databases, belonging to the CTW library consortium and housed at Wesleyan University, contained the names, addresses, and Social Security or drivers license numbers on 2,800 Connecticut College, 3 Trinity College and 12 Wesleyan University library patrons. CTW staff took immediate action, deleting all Social Security and drivers license numbers and further securing the databases after discovering the breach. The CTW Consortium is offering all affecting individuals one year of Debix Identity Protection for free.
Student Arrested, Charged With Hacking System To Change Grades
Quick Facts
- Date: 7/25/08
- Institution: Georgia Highlands College
- Type of Incident: Penetration
- Number Affected: Unknown
- Source: ESI
- Abstract Source: The Atlanta Journal-Constitution
Abstract
Police arrested a Georgia Highlands College student, Christopher Fowler, on Thursday and charged Fowler with computer trespassing and unlawful eavesdropping. According to college officials more charges could be brought against Fowler. Fowler allegedly hacked into Georgia Highlands College computer system to alter his grades and steal passwords for other accounts. The Georgia Bureau of Investigations was called into help the investigation after the Kennesaw State University Police suspected Fowler gained unauthorized access to the Highland College systems.
Ohio University CORE Error Exposes Personal Information
Quick Facts
- Date: 7/25/08
- Institution: Ohio University
- Type of Incident: Unauthorized Disclosure
- Number Affected: 492
- Source: Attrition.org
- Abstract Source: The Columbia Dispatch
Abstract
A clerical error at Ohio University's Centers for Osteopathic Research and Education (CORE) caused personal information on 492 individuals to be posted online. The data, contained in an excel spreadsheet, contained the names, Social Security numbers, addresses, contact numbers and federal employment identification numbers of individuals that had spoke at CORE according to a university spokesperson. The spreadsheet had been available from March 20 until it was removed on June 16 when a nurse discovered the file while doing research online. According to CORE the document that should have been posted did not contain any personal information. The individual that made the error was placed on paid administrative leave pending a review. CORE has created a web site - www.ohiocore.org/answers - and hotline - 866-437-8698 - to help answer questions.
2,000 Warned After Hillsborough Community College Laptop Theft
Quick Facts
- Date: 7/24/08
- Institution: Hillsborough Community College
- Type of Incident: Theft
- Number Affected: 2,000
- Source: Pogo Was Right
- Abstract Source: Tampa Bay Online
Abstract
Hillsborough Community College is warning 2,000 staff members to monitor their bank accounts after the theft of a laptop containing staff information from a hotel parking lot. The laptop was used in as part of payroll project that involved names, Social Security numbers, bank-routing numbers and retirement information. According to the college spokesperson Ashley Carl, the programmer had deleted the information from the password-protected laptop prior to the theft. In the e-mail sent to staff, HCC vice president of information technology R. Bruce Judd asked that the affected individuals monitor their bank accounts and alert their banks and the college about any suspicious activity.
Moraine Park Technical College Bookstore System Breached
Quick Facts
- Date: 7/24/08
- Institution: Moraine Park Technical College
- Type of Incident: Penetration
- Number Affected: Unknown
- Source: ESI
- Abstract Source: Daily Citizen
Abstract
Moraine Park Technical College began notifying an unknown number of individuals after a breach of a bookstore server was discovered. According to Moraine Park President Gayle Hytrek, the incident affects individuals who purchased books or supplies at the bookstore between 2002 and 2006. MPTC is working with the provider of the bookstore software to secure the system against any future incidents.
Story updated 7/25 to correct a typo in the Abstract. Thank you to Allison Dolan for making ESI aware of the mistake.
