Quick Facts

• Date: 11/30/2009
• Institution: Pennsylvania Sate University
• Type of Incident: Penetration
• Number Affected: 303
• Source: ESI
• Abstract Source: The Daily Collegian

Abstract
Penn State recently notified current and former students after a security incident may have exposed personal information. On August 3, Penn State Security Operations and Services notified university officials that the online grade book a professor used was compromised by a computer virus. The grade book contained the names, grades and Social Security numbers for 303 current and former students. While the information was taken offline when the problem was discovered, the Dean of the College of Earth and Mineral Sciences did not send letters to those affected until November. University spokesperson Annemarie Mountz stated that the university's response was in line with Pennsylvaina's Breach of Personal Information Notification Act. According to Mountz, there is no evidence this information was accessed by any unauthorized individuals. Mike McEvoy, a class of 2006 alumni affected by this incident, said he was thankful the university took immediate action to remove the information but wishes they had notified him in a more timely manner.