University Breaches Continue

Over the past few weeks, along with the continuous stream of medical office incidents, there has been a rash of breaches involving colleges and universities.  A trend to keep an eye on, since these facilities seem to hang on to much personal information and have so many transient computer systems.

Students and Missouri State University officials are on high-alert following a recent information security breach at the university’s College of Education.  In October and November of 2010, the College of Education prepared 9 lists of students by semester in preparation for its accreditation process.  The lists included the names and social security numbers of students for 9 semesters between 2005 and 2009 and were intended to be available to university personnel on secure servers.  According to a university press release, on February 22 it was discovered that at some point in October or November all nine lists, containing 6,030 students, were accidentally posted on Google by a university employee.

USC has experienced a computer security breach that has exposed the private information of 31,000 people, including social security numbers.  The security breach was discovered in January on a computer server at USC Sumter, potentially affected faculty, staff, retirees and students throughout the university systems eight campuses. Letters went out as soon as individuals were identified.

Imperial College students and staff in the Department of Computing are being forced to change their passwords after a breach in security on a departmental server.  The Department of Computing has found itself the subject of a “security breach”, and the ICT department is taking “precautionary” action to prevent malicious access to user accounts.  An email to all students and staff within the department advised that there had been “a root level compromise” discovered on the main shell server, affecting a significant number of commonly used DoC systems and DoC users.