Data Breach At University of Nebraska
Wednesday, May 30, 2012
There is a storm brewing at the University of Nebraska. After a member of the school's information technology department discovered the data breach on May 23, the university distributed a notice on May 25 that the Nebraska Student Information Service, NeSIS, which contains sensitive information about students, alumni, and applicants had been accessed by unauthorized users.
Individuals are concerned because the types of data exposed or stolen includes school records, addresses, bank account information, and Social Security numbers. The breached database contains records for more than 650,000 individuals. The breach affects students, alumni, and applicants of the university’s four campuses, the Nebraska College of Technical Agriculture, plus university employees and parents of students who applied for financial aid.
In a letter to breach victims, Joshua Mauk, the university's Information Security Officer stated:
"On May 23, 2012, University personnel detected a security breach in the system indicating that an unauthorized individual had gained high-level access to the restricted database. This was a sophisticated and skilled attack on our system. Information in the system includes Social Security numbers, any bank account information associated with the NeSIS account, and personal and academic data. Our records indicate that you have a bank account that is associated with your NeSIS account, so we are writing to notify you of this breach and to advise you to monitor your bank accounts over the next several weeks and report any suspicious activity to your financial institution."
The letter also advises individuals to monitor their financial accounts and to consider placing a fraud alert or security freeze on their credit reports at the major credit reporting firms: Equifax, Experian, and TransUnion. The final number of records exposed/stolen has not been determined yet.
A breach investigation is underway by Nebraska University with local and federal law enforcement. The university has set up the http://nebraska.edu/security website to distribute updates about the breach and breach investigation.
Data security has been an issue in higher education since at least 2005: George Mason University (32,000 records). Recent, notable data breaches:
- May 3, 2012: University of Pittsburgh: undisclosed
- April 30, 2012: Volunteer State Community College (Tennessee): 14,000 records
- April 18, 2012: Emory Healthcare, Emory University Hospital: 315,000 records
- April 14, 2012: Texas A&M University: 4,000 records
- April 10, 2012: Case Western Reserve University: 600 records
- March 31, 2012; San Francisco State University: undisclosed
- March 16, 2012: University of Tampa: 30,000 records
- March 14, 2012: Humboldt State University: 5,700 records
- March 13, 2012: Brigham Young University: 1,300 records
- February 16, 2012: Central Connecticut State University: 18,763 records
- February 15, 2012: University of North Carolina at Charlotte: 350,000 records
- January 27, 2012: Indiana University (President's Challenge): 650,000 records
- January 20, 2012: Arizona State University: 300,000 records
Breach history source: Privacy Rights Clearinghouse
Terrible incident and I think university of Nebraska would have been very concerning for this incident. Data security is the most important issue for anyone now and hopefully they're preparing for good defense. Thanks
Posted by: English Adam | Thursday, May 31, 2012 at 02:21 AM
Nice Post! i hope that University of Nebraska have to aware of their security and should be follow of their incident.thanks for ur article and take it up.Online
Posted by: heaven | Tuesday, June 05, 2012 at 03:20 AM
This event should be an eye opener for all universities to tighten their data security. Leaked data and information can be used by anyone who can get their hands on them. Good thing the university is investigating the situation. Just imagine if the financial information of a student is used without him or her knowing anything about it. The hopes and dreams of a student to finish his or her studies would all be dashed, crushed by identity theft.
Posted by: Ruby Badcoe | Monday, July 16, 2012 at 02:38 PM
Blogs are so informative where we get lots of information on any topic… Thanks and keep up the good work
Posted by: xavier kyte | Saturday, July 28, 2012 at 02:51 AM
Leakage of private information on people, students is really very disturbing. It could enable bad intentioned thieves to take advantage of private data concerning students, steal their identity, their grades, etc...
Posted by: chantal | Sunday, September 02, 2012 at 02:56 AM