[BreachExchange] Two Daytona State College breaches affect students and staff

Inga Goddijn inga at riskbasedsecurity.com
Wed Mar 29 18:42:42 EDT 2017


https://www.scmagazine.com/daytona-state-college-hit-with-double-breach-affecting-staff-and-students/article/646957/

Daytona State College was hit with two data breaches this month that
affected both employee and student data.

Officials launched an investigation into the first breach
<https://www.scmagazine.com/search/breach/>, which may have compromised the
information of current and former employees, on Feb 19 and said they
discovered a second breach while compromised the student personal
information, according to *WFTV 9 News
<http://www.wftv.com/news/local/data-breach-may-put-daytona-state-college-students-personal-info-at-risk/506505427>*
.

The initial breach involved employee W-2 forms and the second breach
involved students who applied for the free application for federal student
aid, or FAFSA, and compromised Social Security numbers, names, addresses,
dates of birth, driver's license numbers and salary information.

The school did not give the exact number of employees that were affected in
the first breach however, Channel 9 reported the school employs nearly
1,000 people and the college said the breach could have exposed hundreds of
state employees.

The school also didn't release how many students were affected by the
breach however, 18,040 students were enrolled
<https://www.daytonastate.edu/ir/files/fall%20headcount%20by%20campus.pdf> as
of Fall 2015 and all students from every financial backgrounds are
encouraged to fill out the form.

Several students reportedly received letters from the school notifying them
of the incident and offering a year of free identity protection services if
they are concerned.

“We believe the incident was the result of certain insecure practices by
one of our third-party vendors,” the college told SC Media in a
statement. “We have identified and secured the breach. The college is
alerting all potentially affected individuals whose data could have been
accessed.”

The FBI and IRS are also investigating the breach and the school said it
will continue to cooperate with law enforcement on the investigation into
the matter.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170329/352f8deb/attachment.html>


More information about the BreachExchange mailing list