Indiana University Reports Breach

Information on 146,000 Students Potentially Exposed
Indiana University Reports Breach

Indiana University reports that information on approximately 146,000 students and recent graduates was compromised after the data was accessed by three automated computer data mining applications, known as webcrawlers, used to improve Web search capabilities.

See Also: User Entity & Behavior Analytics 101: Strategies to Detect Unusual Security Behaviors

The university notified the Indiana attorney general Feb. 25 about the incident.

Potentially exposed information includes Social Security numbers, names, birthdates, addresses, and enrollment and degree information for students and recent graduates across seven IU campuses who attended the university from 2011 to 2014, the university says in a statement.

"The university has no evidence that the files have been viewed or used for inappropriate or illegal purposes," the statement says.

"IU takes the security of all its data, especially the personal information of its students, extremely seriously and apologizes for any concern this issue may cause among our students and their families," says John Applegate, executive vice president for university academic affairs. "The university also is committed to assisting those whose information was potentially exposed."

Indiana University is notifying individuals affected and has set up a call center to handle questions. An online FAQ posting offers details.

The university at this point isn't offering credit monitoring services. "We have no evidence that anyone's data has been accessed by individuals," a spokesperson says. "This wasn't a targeted attack, but rather a case where data was left unencrypted and was indexed by a webcrawler."

The breach comes a week after an incident at the University of Maryland that potentially exposed 310,000 records (see: Univ. of Maryland Reports Major Breach). That incident was due to a "sophisticated computer security attack," which compromised Social Security numbers and other information, university officials said.

About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.