IU Student Data Exposed For 11 Months

Posted On February 26, 2014

By Mike Perleberg

indiana-university-logo-stone-small.jpg(Bloomington, Ind.) – The names, addresses and Social Security numbers of about 146,000 students at Indiana University may have been exposed online.

IU spokesman Mark Land says the information was accessible for 11 months. The potential exposure affects students from seven IU campuses from 2011 to 2014.

“They were left unprotected which we discovered last week,” Land said.

Land said there’s no evidence that the exposed data was viewed or used for illegal purposes. Unlike recent high-profile data breaches, no servers or systems were compromised.

According to the university, the information was not downloaded by an unauthorized individual looking for specific sensitive data, but rather was accessed by three automated computer data mining applications, called webcrawlers, used to improve Web search capabilities.

“We did feel that we had an obligation to notify people that there was at least a small risk that this information was out there,” Land said.

IU will begin notifying all students affected by the possible data exposure this week. The university will set up a call center to handle questions by Friday, February 28 at 8:00 a.m., at 866-254-1484. A website has been set up with information on how to monitor credit accounts and information on the exposure.

To assist with credit monitoring, IU said it will supply the Social Security numbers and names of those potentially affected to all three major credit-reporting agencies.