Educational Security Incidents (ESI)

Quick Facts

• Date: 2/2/2007
• Institution: University of Missouri
• Type of Incident: Penetration
• Number Affected: 1,220
• Source: ESI
• Abstract Source: Columbia Tribune

Abstract
The University of Missouri announced today that last month a computer in a computer used by researchers at University of Missouri institutions. This server was used as an electronic clearinghouse for researchers applying for and receiving pay through grants. Contained on this server was personal information including names, Social Security numbers, and other payroll information. In addition, UM staff believes that more the 2,500 passwords for the system might have also been compromised. University of Missouri notified all individuals affected by this breach by e-mail or registered letter and urged them to closely monitor their credit reports for signs of misuse.

Quick Facts

• Date: 1/26/2007
• Institution: University of Arizona
• Type of Incident: Penetration
• Number Affected: N/A
• Source: ESI
• Abstract Source: Arizona Daily Star

Abstract
The University of Arizona announced that two department Web servers were recently compromised by individuals believed to reside outside of the United States. These machines, belonging to the University's Philosophy department and the to the Large Binocular Telescope Observatory, were compromised through a known vulnerability in the Twiki collaboration software. The intruder used their access to upload pornographic material to the Web sites and redirect link traffic to adult pages. Luckily, no student or sensitive data is believed to have been contained on these machines. Interestingly enough, the departments these computers belonged to were aware of the vulnerability in the program, but had not had a chance to deploy the patch to fix the problem.

Quick Facts

• Date: 1/19/2007
• Institution: University of Texas, Dallas
• Type of Incident: Penetration
• Number Affected: 29,000 additional (35,000 total)
• Source: ESI
• Abstract Source: UT Dallas News Release

Abstract
After completing its investigation into last month's network breach, the University of Texas, Dallas has once again increased the number of records exposed to 35,000 total. This increase of 29,000 includes all individuals from the University's Erik Jonsson School of Engineering and Computer Science going back to 1993 and all University faculty and staff between 1999 and 2005. UT Dallas is still in the process of contacting all affected individuals by US Postal mail and has setup the following web site to help answer any questions about the incident: http://www.utdallas.edu/datacompromise/

Quick Facts

• Date: 1/10/2007
• Institution: University of Arizona
• Type of Incident: Penetration
• Number Affected: Unknown
• Source: ESI
• Abstract Source: SC Magazine

Abstract
The University of Arizona recently announced that a foreign hacker gained unauthorized access to the University's network systems. Last week, employees found a number of pirated movies and games on University computers. Also stored on these systems are employee names, Social Security numbers, University credit card information and other financial transaction information. The University does not believe this individual accessed this information. University of Arizona employee were able to trace the IP address of the attacker to an ISP in France.

Quick Facts

• Date: 1/4/2007
• Institution: University of Northern Iowa
• Type of Incident: Penetration
• Number Affected: Unknown
• Source: ESI
• Abstract Source: KCCI, Des Moines

Abstract
University of Northern Iowa has begun to alert users about a possible computer security breach at the university's Wellness and Recreation Center (WRC). The compromised server was used by the attackers to store and distribute digital music files. The university quickly reformatted the computer and has returned it to service. According to officials, this computer only contained internal UNI student ID numbers and personal information that is publicly available. However, the university is alerting all WRC users about the breach, even though there is little evidence that this public information was accessed. An investigation into this breach is still continues.