Ohio University Hit By Three Data Breaches

Nearly 200,000 identities may have been exposed to criminals in three separate incidents in a two-week period, Ohio University says.

May 12, 2006

2 Min Read
Network Computing logo

Nearly 200,000 identities may have been exposed to criminals in three separate incidents in a two-week period, Ohio University said Thursday, marking the latest in a string of data breaches to hit American schools.

According to details posted by the university's IT department, the break-ins, which were discovered on April 21, April 28, and May 4, involved systems that recorded detailed information on current and former students, faculty, and staff that included Social Security numbers, names, and dates of birth.

The Athens, Ohio-based school has formed a security SWAT team to both inform potential victims and take "aggressive steps to improve the security of data and IT resources on all Ohio University campuses," a message on Ohio's Web site read.

"We remain committed to making every effort to ensure that the university computer system is as secure as possible and protecting information pertaining to members of the university community, especially its students," Bill Sams, the school's chief information officer, said in a statement.

Ohio is working with the FBI -- which informed the school of the April 21 breach -- as well as other universities that have suffered data breaches to track down the attackers and beef up security.The university will have lots of choices when it reaches out to already-hit institutions. Half of all reported security breaches in the U.S. since February 2005 have happened at colleges and universities, Ohio said, with more than 25 major institutions losing data over the past 12 months.

In April, the University of Texas reported a breach, the second in three years, that exposed 200,000 individuals' identities. In the month prior, Georgetown University lost control of 41,000 IDs, while Notre Dame was hit by hackers in January, according to records kept by non-profit Privacy Rights Clearinghouse.

The April 24 breach at Ohio not only exposed almost 140,000 identities, but left a university computer in the hands of hackers, who used it to launch a denial-of-service (DoS) attack on an outside-the-school network.

To handle an expected flood of questions, Ohio University has set up a toll-free call center (800-901-2303).

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights