By Melissa Griffy Seeton
REPOSITORY EDUCATION WRITER
May 2, 2006
Bob Tscholl has contributed to Ohio University in many respects: He's
a Bobcat as are his three children.
A recent security breach may mean he'll give a little more.
But the Canton attorney has faith the university will do all it can to
"It kind of goes with the territory," Tscholl said. "Anytime you
belong to an organization nowadays, you have to be aware there is some
risk ... . I'm not too concerned."
Ohio University President Roderick McDavis announced at a press
conference Monday that he, too, is among the more than 300,000 alumni
and friends of Ohio University - not current students - whose personal
information may have been compromised when unauthorized access was
gained to a computer system supporting alumni relations.
"We are doing everything in our power to reduce the impact of this
data theft," Ohio University Associate Provost for Information
Technology and Chief Information Officer Bill Sams said in a press
release. "At this point, we have no evidence of illegal use of the
The breached computer system contained biographical information on
more than 300,000 individuals and organizations, including the Social
Security numbers of more than 137,000 people, according to university
officials. The files did not contain credit-card or bank information.
The security violation was discovered on April 24 when, according to
Sams, "The university immediately began assessing the situation to
determine its extent. Once it became clear that personal information
was involved, we began the process of notifying the affected
University officials were unable to confirm Monday how many Ohio
University alumni are from the Stark County area. A search of recent
college graduates revealed 12 local residents graduated from the
school in December and eight received diplomas last May.
The FBI is investigating the incident, and university officials said
the college will hire an outside consultant to conduct a risk
assessment of its computer information systems.
A separate security breach occurred at the college on April 21, when
office files were compromised at its Technology Transfer Department.
The files included e-mails, patent and intellectual property files.
Ohio University is at least the third college that has announced in
recent months unauthorized access was gained to confidential
In September, two computers were stolen from Kent State University
offices. The computers contained the names and Social Security numbers
of practically every student and instructor since 2002, and every
graduate since 1988.
And, in August, Web site security was breached at Stark State College
of Technology. Students couldn't access their own personal information
- such as their grades or student loans - instead the personal
information of another student was shown, including Social Security
numbers. College officials said the incident was not the result of a
hacker, but a computer software glitch.
Reach Repository writer Melissa Griffy Seeton at (330) 580-8318 or
e-mail: melissa.griffy @ cantonrep.com
COULD I BE AFFECTED?
Ohio University is sending e-mails and letters to people who may have
been affected by the security breach.
As a precaution, the university will not request personal information
electronically as part of this notification. The university cautions
people to not disclose personal information if they receive an e-mail
- even if it appears to come from the university.
The university has established a Web page at www.ohiou.edu/datatheft
to provide detailed information, and a toll-free hotline at (800)
Source: Ohio University
PROTECT YOURSELF FROM IDENTITY THEFT
Ohio University recommends that alumni protect themselves from the
security breech by:
-- Obtaining a free credit report from Equifax (800) 525-6285,
Experian (888) 397-3742 and TransUnion (800) 680-7289.
-- Calling these three credit reporting agencies to place fraud alerts
lasting 90 days on credit inquiries.
-- Monitoring credit accounts for any unusual activity during the next
Source: Ohio University
=A92006 The Repository
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts
from 40 nations,
10 tracks, no vendor pitches.