[ISN] Computer breach exposes WIU students' data
InfoSec News
isn at c4i.org
Mon Jun 19 03:41:35 EDT 2006
http://www.pjstar.com/stories/061606/REG_BA4963CQ.033.shtml
BY JODI POSPESCHIL
OF THE JOURNAL STAR
June 16, 2006
MACOMB - A computer system breach at Western Illinois University
earlier this month has led to the possible compromise of student
information, including Social Security numbers, the school said
Thursday.
WIU officials said the school has "closed a breach in computer
security and adopted additional security measures" in response to a
June 5 incident. The school said the incident involved "data
security."
WIU spokesman John Maguire said Thursday the school has multiple
computer systems and one of them, which contains student information,
was breached.
The system houses not only Social Security numbers but also credit
card information for people who have made purchases online from the
school's bookstore or who have stayed at the University Union hotel.
"Checks (on the system) are made on a regular basis," Maguire said.
"During one of those checks the (problem) was noticed and immediately
fixed."
Maguire also said the school's academic records were not part of those
accessed.
"The grades and transcripts are secure," he said.
In a release issued Thursday, school officials said an investigation
doesn't show evidence that any records were copied from the school's
files. Even so, the school is still notifying anyone who has records
in the system that their files could have been viewed or copied.
WIU officials said they are reviewing all operations of the school's
computer systems.
Review by a campuswide technical group is being coordinated by Mitch
Davidson, executive director of the University Computer Support
Services.
"We are working diligently to ensure that the university computer
systems are as secure as possible, with the goal that this type of
breach doesn't occur again," Davidson said.
A letter to the campus community was put on the school's Web site. The
letter was written by W. Garry Johnson, WIU's vice president for
student services.
The letter reminds those with records in the system to protect against
identity theft.
Maguire said letters are being sent to anyone who had records in the
system.
Because of the criminal implications of the breach, school officials
said the WIU Office of Public Safety has been notified. WIU also has
set up a Web site to disseminate information about the issue at
www.wiu.edu/securityalert.
© 2006 PEORIA JOURNAL STAR, INC.
More information about the ISN
mailing list