Educational Security Incidents (ESI)

Quick Facts

• Date: 9/3/2008
• Institution: Clarkson University
• Type of Incident: Unauthorized Disclosure
• Number Affected: 245
• Source: Pogo Was Right
• Abstract Source: Clarkson Integrator

Abstract
On August 26, a non-malicious student discovered they could access a file containing Clarkson University employee information on a secured Clarkson server. The file contained the names, dates of birth and Social Security numbers of 245 current and former employees. The student that discovered the file immediately alerted the university, which launched an investigation into the incident. According to the university, the file became available on August 25 when work on the server caused the permissions to default back to open. The investigation determined that the only person to access the file during the brief period it was unsecured was that student that reported the incident. The university contacted all of the affected individuals and briefed them on the incident. When the Clarkson Integrator spoke with Kelly Chezum, the Assistant to the President for Strategic Advancement, she responded that, as a person affected by the incident, she "feel[s] pretty confident my personal information is fine."

Quick Facts

• Date: 9/2/2008
• Institution: University of Illinois
• Type of Incident: Impersonation
• Number Affected: 1
• Source: ESI
• Abstract Source: News Gazette
• Update1 Source: Daily Illini

Abstract
University of Illinois officials are working to track down who sent a fraudulent email message purportedly from Chancellor Richard Herman. The e-mail message, sent from the chancellor AT uillinois.edu e-mail account, denounces fraternities and sororities calling recruiting activities "aggressive" and claiming that such organizations "perpetuate social inequality, especially with respect to the opposite gender, and promote a lack of diversity." According to officials within the Office of the Chancellor, which controls the chancellor AT uillinois.edu, the e-mail was sent from the account but that the e-mail was not sent by the chancellor. The Campus Information Technologies and Educational Services (CITES) staff is looking into how this e-mail was sent and is attempting to determine how many people received the fraudulent e-mail. According to Robin Kaler, the UI's associate chancellor for public affairs, the university plans to take disciplinary action against the individual responsible for sending the e-mail.

Update1
According to Mike Corn, director of security and privacy for CITES, the hoax email was not the result of a security breach. While the email appeared to be sent to "everyone@uillinois.edu", that was not the case. According to Corn, this part of the email was just text and the email was just another form of "phishing", designed to get grab everyone's attention.

Quick Facts

• Date: 9/2/2008
• Institution: Ivy Tech Community College
• Type of Incident: Unauthorized Disclosure
• Number Affected: Unknown
• Source: ESI
• Abstract Source: Ivy Tech Security Notice

Abstract
An astute reader wrote ESI to make us aware of a recent incident at Ivy Tech Community College. According to the Ivy Tech Security Notice, a "clerical error" when sharing a file containing student information caused the file to be shared with all Ivy Tech Indianapolis region employees. The file contained names, addresses and Social Security numbers of all students enrolled in spring 2008 distance education courses. The internal investigation reviled the between July 28 and July 31, 102 Ivy Tech employees accessed the file in question. In an alert to students, Ivy Tech recommends that the students place fraud alerts on their credit files as a precaution. Ivy Tech has created a web site - www.ivytech.edu/about/security/faq-0708.html - to help answer questions about the incident.

Corrected number of Ivy Tech employees accessing the file from 108 to 102. - Adam

Quick Facts

• Date: 8/27/2008
• Institution: Kansas State University
• Type of Incident: Theft
• Number Affected: 86
• Source: ESI
• Abstract Source: KTKA

Abstract
Kansas State University's Division of Continuing Education is notifying students that papers stolen from a parked car contained their personal information. The papers, stolen out of a professor's parked car, contained the names and Social Security numbers of 86 students that had taken Res 200 between Fall 2007 and Summer 2008. K-State is in the process of phasing out Social Security numbers and recently implemented a new student system which no longer uses Social Security numbers as student IDs. The university also plans to launch an education and awareness campaign for faculty and staff on protecting student information.

Quick Facts

• Date: 8/24/2008
• Institution: Khalsa College
• Type of Incident: Penetration
• Number Affected: None
• Source: ESI
• Abstract Source: Express India

Abstract
The state Anti-Terrorism Squad (ATS) traced an email supposed sent by the Indian Mujahideen to the WiFi network at Khalsa College in Matunga. It seems an unknown individual or unknown individuals compromised the WiFi network at the college and used this access to send an email with photographs of cars stolen for use in terror activities. The log files for the WiFi network were deleted by this individual or these individuals shortly after the email was sent. The ATS confiscated some equipment from the college and is now looking to work with VSNL and Google to trace the email.