The ongoing investigation of a computer intrusion at Georgia Southern University has identified additional students and University Store customers whose personal information may have been compromised.
A computer server that contained social security numbers and credit card information for the University Store was accessed by an unauthorized party in the early morning hours of Saturday, April 23. It has not yet been determined if any personal data was acquired by the intruder.
The possible risks to the people whose information may have been compromised include identify theft and/or unauthorized credit card usage. Therefore, the University wants to alert all of the people who may be affected. Individuals may fall into any one of the categories or may overlap into two or more categories.
According to the most recent findings of the investigation, those people who are potentially affected includes:
• Georgia Southern students who received bookstore credits through their financial aid package or scholarships (including HOPE) from Fall 2002 through Spring 2005 . This category has expanded in date range by one year.
AND / OR
• Anyone who made a purchase at the University Store with a credit card between July 1, 1996, and April 25, 2005. This advisory includes all purchases made at the on-campus location of the bookstore, online at www.gsustore.com,
as well as those made at Eagle Club alumni events and football games . This category has expanded to include several additional years. Credit card transactions from Dec. 9, 1999 through April 25, 2005 contain cardholder name, credit card number and expiration date. Transactions files from July 1, 1998, through Dec. 8, 1999, contain credit card numbers and expiration dates, but do not list cardholder names. Data from July 1, 1996, through July 1, 1998, list credit card numbers only.
AND / OR
• Anyone who made a purchase at the University Store with a check, Eaglexpress card (ID) or charge account at the on-campus location of the bookstore, online at www.gsustore.com,
as well as those made at Eagle Club alumni events and football games between Oct. 1, 2001, and April 25, 2005 . This advisory has been expanded to include individuals who wrote checks and used their Social Security number (in many cases this is the same number as their driver's license number) as an identifier, and/or any individual who used an Eaglexpress card and/or any individual who used a charge account for a University Store purchase. This is a newly identified group of individuals who could potentially be affected by the intrusion.
If you fall into any of these categories, you are encouraged to immediately place a fraud alert on your credit files by calling one of the three credit reporting companies: Equifax (800-525-6285), Experian (888-397-3742) or TransUnion (800-680-7289). Any one of these agencies will place a fraud alert on your credit files and share the information with the other two agencies. Free copies of your credit report can also be requested.
In addition, people who may have been affected should immediately contact the banks that issue their credit cards and inform them that their credit card numbers and expiration dates may have been compromised.
Georgia Southern officials have contacted MasterCard and Visa with this updated information and will be making reasonable efforts to contact individuals whose social security numbers and credit card information may have been affected. The University's special Web page ( www.georgiasouthern.edu/fraudconcern
) includes information for people who are concerned that their personal information may have been compromised.
Georgia Southern's Office of Public Safety and Division of Information Technology Services are conducting the investigation of this incident with the assistance of the Georgia Bureau of Investigation and the Federal Bureau of Investigation.