Related Links

Top 5 Stories


EWU exposes 130 000 student records

04 January 2010

Eastern Washington University has notified present and former students of a massive data breach of its systems that could affect up to 130 000 people.

The breach occurred after administrators audited the University's network, according to a breach notification sent out to students. The intruder installed file sharing software on network machines that could have enabled the sensitive information to be filched from the network. Data involved in the breach, which dates back to 1987, includes names, social security numbers and dates of birth.

"These data are now secure, and a forensic analysis of the system has led the university to believe that no one's personal information has been compromised", said Eastern Washington University in a statement. "As a precaution, the university is mailing notification letters to people whose personal data may have been exposed so they can take the appropriate steps to protect themselves from fraud."

The University also set up a security hotline for students, but didn't go so far as to instigate free credit protection. Instead, it merely listed the numbers of credit reporting agencies on its website.

"It's a little shocking because you give your information to the University and it seems like a safe place to store that", said EWU student Drew Henry. "It's scary to know that someone could have your information to access credit, and could use that further down the line."

This is EWU's first reported data breach, but other Universities have suffered their own losses. The biggest university breach to date was reported in June 2008, when 2.2 million billing records were compromised on tapes stolen from University of Utah Hospitals and Clinics.

More recently, 236 000 records were reported stolen from a hacked University of North Carolina server in September. That breach, which reports said may have occurred up to two years prior, involved the data of women enrolled in a mammography study.

And in another breach reported last month, Pennsylvania State University said that 261 records from an archived class list may have been stolen using malware.

This article is featured in:
Data Loss  •  Internet and Network Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×