Posts Tagged ‘California State University Los Angeles’

Colleges and Universities report 9 data breaches in August

Thursday, September 3rd, 2009

August was an especially busy month for hackers, thieves and inept university IT employees. There were nine reported data breaches at American educational institutions last month—hackers were blamed for two; thieves for three; and, inept employees who inadvertently exposed personally identifying information caused three more.

The ninth incident occurred at the University of Texas, Brownsville and involved student and employee fraud. The security breach involved stolen test answers and no personally identifying information was revealed.

The total reported number of compromised records is low—roughly 2,000—but three of the universities failed to reveal the number of compromised records, so the total is undoubtedly higher.

  • University of Oregon
    Unauthorized disclosure
    Roughly 20 student records exposed because of a flaw in the university’s degree auditing system.
  • University of California, Berkeley
    School of Journalism
    Hacking
    Names, birth dates, and Social Security numbers of 493 students who applied for admission between September 2007 and May 2009 were vulnerable when the school’s web server was breached.
  • Louisiana State University
    Unauthorized disclosure
    Number of affected records unknown
    Students’ personal information, including names and Social Security numbers, was inadvertently posted on an LSU web site.
  • Northern Kentucky University
    Computer theft
    Names and Social Security numbers of at least 200 current and former students were contained on a laptop stolen from an on-campus, secured location. There was no mention of whether the information was encrypted or password-protected.
  • California State University, Los Angeles
    Computer theft
    Names, address and Social Security numbers of more than 600 CSULA employees and former students were contained on two desktop computers and 12 laptops stolen from campus.
  • Boston University
  • ROTC Program
    Unauthorized disclosure
    6,675 ROTC students (406 from BU; the balance from other ROTC programs around the country) were affected when their records were inadvertently exposed on the Internet via a file-sharing program installed on a university computer.
  • University of Massachusetts, Amherst
    Hacking
    Number of affected records unknown
    20 years of student records exposed in a data breach, which occurred last year between September 15 and October 27. Information includes names, Social Security numbers and some credit card information of current and former students who attended the university between 1982 and 2002.
  • Bluegrass Community and Technical College, Lexington, KY
    Theft
    Little information is available, other than that personal information including Social Security numbers of 100 or fewer students was stolen from the college.

Information for this post was gathered from ESI (Education Security Incidents). For more information on data breaches at colleges and universities, visit www.adamdodge.com/esi/month/2009/08.

Tags: , , , , , , , , , , , , , , , , , , , ,
Posted in data breach | 1 Comment »