Indiana University reports possible data breach - 13 WTHR Indianapolis

Indiana University reports possible data breach

Updated:
  • HeadlinesHeadlinesMore>>

  • Health care site flagged in Heartbleed review

    Health care site flagged in Heartbleed review

    Saturday, April 19 2014 3:50 PM EDT2014-04-19 19:50:22 GMT
    People who have accounts on the enrollment website for President Barack Obama's signature health care law are being told to change their passwords following an administration-wide review of the government's vulnerability to the confounding Heartbleed Internet security flaw.More >>
    People who have accounts on the enrollment website for President Barack Obama's signature health care law are being told to change their passwords following an administration-wide review of the government's vulnerability to the confounding Heartbleed Internet security flaw.More >>
  • Raccoons enter substation, spark power outage

    Raccoons enter substation, spark power outage

    Saturday, April 19 2014 2:29 PM EDT2014-04-19 18:29:08 GMT
    Hundreds of homes in eastern Indiana lost power in the middle of the night after officials say two raccoons slipped into a power substation and short-circuited electrical breakers.The two raccoons met their end about 3 a.m. Friday when the wandered into a Richmond Power Light substation and made contact with its busswork, the area where a transformer feeds electricity into the individual breakers.Utility employee Mike Elstro tells the Palladium-Itemthe raccoons were "smart little creatures" ...More >>
    Hundreds of homes in eastern Indiana lost power in the middle of the night after officials say two raccoons slipped into a power substation and short-circuited electrical breakers.The two raccoons met their end about 3 a.m. Friday when the wandered into a Richmond Power Light substation and made contact with its busswork, the area where a transformer feeds electricity into the individual breakers.Utility employee Mike Elstro tells the Palladium-Itemthe raccoons were "smart little creatures" ...More >>
  • Friends, colleagues remember life of slain IMPD officer

    Friends, colleagues remember life of slain IMPD officer

    Saturday, April 19 2014 12:34 PM EDT2014-04-19 16:34:23 GMT
    Picture provided by familyPicture provided by family
    The influence of an IMPD officer killed by her ex-husband in a murder-suicide went far beyond the police department. Neighbors and those who worked with Ofc. Kimberlee Carmack are still trying to understandMore >>
    The influence of an IMPD officer killed by her ex-husband in a murder-suicide went far beyond the police department.More >>
BLOOMINGTON -

Indiana University notified the Indiana Attorney General's office Tuesday about a data breach that potentially put thousands of students and recent graduates at risk.

An employee discovered the problem, involving people's personal information and now the university is taking steps to make sure people stay protected.

In Bloomington and at six other IU campuses across the state, students and recent grads could be at risk.

A data breach left their personal information exposed. Now, students are concerned.

"That's information that when you give it to the university, you expect that to be kept private," said IU junior Steven Cavanaugh.

"Gosh, your Social Security card number is like the one thing you're told to keep on lockdown," added IU senior Natalie Duffy. "You don't want anyone to have that number."

The exposed information includes names, addresses and Social Security numbers for about 146,000 people who attended or graduated IU between 2011 and 2014.

That many people could fill Assembly Hall eight times over.

"There are a lot of people and the records do contain sensitive information. That's why we're trying to be proactive," said Indiana University spokesman Mark Land.

IU notified the Attorney General's office, which is now investigating the breach.

"If you're one of the ones affected, it's obviously a very big issue," said Chuck Taylor, with the AG's identity theft division. "Since it involves Social Security numbers, it is something we'd take more seriously as well."

The university says this was essentially human error.

A change made in security 11 months ago left names and Social Security numbers at risk at the registrar's office.

Then, that personal information was accessed by computer data mining applications, called web crawlers, which are used to improve web search capabilities.

But IU doesn't believe that data was viewed or used for illegal purposes.

"We don't have any evidence that anyone has actually accessed these files. They were left unprotected, which we discovered last week," Land said. "But we did feel that we had an obligation to notify people that there was at least a small risk that this information was out there."

IU is offering a hotline beginning Friday, along with a website to answer questions and help people protect themselves. The call center has a toll-free number: 866-254-1484.

Students say plan to use it, no matter how small the risk they face from the breach.

"We'll take any measures that the university provides to make sure that our information's secure," Cavanaugh said.

IU plans to send out notifications to people affected later this week. The university will also provide the Social Security numbers and names of those potentially affected to the three major credit-reporting agencies.

A website with information on how to monitor one's credit accounts and with answers to other questions regarding the potential data exposure has been established here.

Even though there are no reports of fraud from the breach, the Attorney General's office recommends if you're concerned, you can put a security freeze on your credit or request fraud alerts to stay safe.

Powered by WorldNow