IT Security Updates

On February 13, 2008, a security incident occurred on one of Antioch University's computer systems. The University responded aggressively by immediately contacting forensic software investigators to examine its computer system.

After analyzing Antioch's computer system, the investigators determined that an unauthorized intruder breached one of Antioch's computer systems on three different occasions: June 9, 2007, June 10, 2007, and October 11, 2007. The system contains files with Social Security numbers, names, academic records for students and former students, and payroll records for Antioch's employees and former employees. It also contains names and Social Security numbers for student applicants.

We are not aware of a single report of identity theft as a result of the intruder's actions. No conclusive evidence has been found that the intruder actually acquired, viewed, copied, or otherwise misappropriated any of your personal information. Nonetheless, we are continuing to analyze all available evidence to determine the extent of the intrusion. Based on what we know regarding the facts surrounding the intrusion, we believe it is unlikely your information has been or will be misused. However, the University does not seek to minimize the concerns raised by this intrusion.

Improvements to our system are being made but it is constant vigilance and a sense of caution that are necessary in keeping the system we develop safe. We will continue to reevaluate, identify, and remove potential vulnerabilities as we make improvements to our security system.

The University is working with appropriate federal and state law enforcement agencies to apprehend the responsible party and to determine if any personal information was stolen. The University will aggressively pursue those responsible for the breach. Additionally, we have contacted the three major consumer credit reporting agencies to inform them of this incident.

Antioch University takes the security and privacy of its employees, students, and applicants seriously and deeply regrets that this incident has occurred. Because of this, we are taking the following precautions to assist you in protecting your private information.

• A Toll Free Hotline at 1-866-905-2288 has been set up to assist you with answers to any questions or concerns regarding the data security intrusion. The Toll Free Hotline is available from 9 a.m. to 5 p.m. EDT, April 1 through May 30, 2008. If you call after business hours or find it necessary to leave a message, Antioch University will attempt to return your call within two business days.
• Review your bank, credit card, and debit card account statements regularly and immediately report any suspicious activity to your bank or financial institution. Monitor your credit reports with the major consumer credit reporting agencies.
  • Equifax (1-800-685-1111) PO Box 740241, Atlanta, GA 30374-0241
  • Experian (1-888-397-3742) PO Box 2104, Allen , TX 75013
  • TransUnion (1-800-916-8800) PO Box 1000, Chester, PA 19022
• Obtain your annual free credit report either by contacting one of the above credit reporting agencies or from the following service.
  • Annual Credit Report Request Service - PO Box 105283, Atlanta, GA 30348-5283
• For further information regarding steps you can take to protect yourself against identity theft, please visit the Federal Trade Commission's website at www.ftc.gov/idtheft.

If you suspect that you are a victim of identity theft immediately contact local law enforcement, your state's Office of Attorney General, and the Federal Trade Commission (1-877-ID-THEFT or 1-877-438-4338).

Again, Antioch deeply regrets any inconvenience this incident may have caused.

Sincerely,
William Marshall
Chief Information Officer