April 24, 2014

EMU learns more about data breach involving personal information of some students

by Geoff Larcom, Published March 31, 2011

Bookmark and Share

YPSILANTI - Eastern Michigan University has notified students and employees about additional information in the information theft case involving two former student employees. As reported initially on March 9, EMU's Department of Public Safety and federal authorities are investigating whether the former student employees, who no longer attend the university, may have taken sensitive personal information (name, date of birth, and social security number) from the records of other students that were housed in the offices where they worked.

"While the investigation remains ongoing, the university has learned the former students may have been involved in activity that involved using the social security numbers taken from EMU student records for the purpose of filing fraudulent tax returns in order to obtain a tax refund to which they were not entitled," said Walter Kraft, vice president for communications. "If the legitimate tax filer submits his/her return after his/her social security number has been used fraudulently, the tax return will be rejected by the IRS because another filer has already used the social security number."

The initial investigation indicated that the records of approximately 58 individuals were improperly taken, although the university does not know if the information of those persons was fraudulently used. Six additional individuals have been identified who may also have had their information taken and used. They included students and parents of students who contacted Eastern after being notified by the IRS that their 2010 tax returns were rejected because their social security numbers were used on another filing. Eastern has provided the information from the six individuals to authorities and they are now part of the ongoing criminal investigation.

In the meantime, EMU has offered to assist all individuals who may have been affected by this fraudulent activity, while the criminal investigation continues. 

In addition, EMU continues to evaluate its processes to determine what, if any, changes or improvements can be made to help prevent a similar issue from occurring in the future.

As indicated in the initial notification, only students, not faculty or staff, are affected. EMU has already sent individual notifications to students believed to be directly affected by this incident. At this point, if students do not receive a notification, it is because the university does not have evidence that their information was used improperly. As EMU's investigation remains ongoing, it is possible that not every affected person has been identified to date, and students are advised to contact EMU at (734) 487-1357 if they believe their information has been used improperly.

The university also has advised students that even if there is no reason to believe that their personal information has been accessed, out of an abundance of caution, it is suggesting that students take steps to protect themselves and their credit.

Checking credit reports periodically is one way to help spot problems and address them quickly. The Fair Credit Reporting Act guarantees access to credit reports for free once per year. Students can visit http://www.annualcreditreport.com to obtain a free credit report along with other useful information.

If suspicious activity is suspected on a credit report or there is reason to believe personal information is being misused, individuals should promptly call the appropriate local law enforcement agency and file a police report. Individuals are advised to keep a copy of the report for their records. Even if there is not suspicious activity on the initial credit reports, the Federal Trade Commission (FTC) recommends that people check their credit reports periodically.

Individuals may also consider placing a fraud alert on their credit files. A fraud alert tells creditors to contact the individual personally before they open any new accounts. In order to place a fraud alert, students can contact any of the three major credit bureaus listed below. As soon as one credit bureau confirms a fraud alert, they will notify the others to place fraud alerts. 

Eastern Michigan regrets that this incident has occurred. The privacy of students and protecting personal data are important. Further updates will be provided as the investigation continues. Additional information, including questions and answers about the situation, is available at


http://www.emich.edu/securitybreach-march-2011/index.php.

 

 

 

 

 

 

Geoff Larcom

glarcom@emich.edu

734.487.4400

Contact:
  • facebook
  • twitter
  • youtube
  • linked in
  • Blog EMU
  • EMU app