Northwestern University -- 17K names and SSNs, 9 p0wned desktops

[Chris Walsh <cwalsh () cwalsh org>]

Data Breach Occurs at Northwestern

EVANSTON, Ill. --- Northwestern University recently discovered that  
files containing names and personal identification information were  
on nine desktop computers that had been accessed by unauthorized  
persons from outside the University.

As many as 17,000 individuals' records have been identified as being  
stored on the computers in the Office of Admission and Financial Aid.  
Northwestern is continuing to investigate the incident to determine  
if additional records may have been involved. There is no indication  
that the unauthorized persons accessed any of the personal  
information, or were even aware of its existence on those computers.

As soon as the computer security breach was discovered,  
Northwestern's technical support personnel shut down the affected  
computers. In compliance with University policies and privacy  
regulations, Northwestern is notifying the individuals for whom it  
has addresses whose information was stored on the computers.

While there is no indication that any personal information was  
accessed, Northwestern recommends that, as a precautionary measure,  
anyone who has provided Social Security number information to the  
University's Office of Admission and Financial Aid follow the  
identity theft precautions published by the Federal Trade Commission:

http://www.northwestern.edu/newscenter/stories/2006/07/data.html
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/errata/dataloss/