Site Menu
- BuckeyeSecure
- News
- Student Resources
- Faculty and Staff Resources
- Administrator and IT Resources
- Training
- Project Resources
- Policy Links
- FAQs
- Alternative Identifiers
- Data Classification and Access Control
- Gramm-Leach-Bliley Training
- Identity Theft Red Flags
- Identity Theft Red Flag Training
- Information Security FAQ
- Information Security Implementation Plan
- Institutional Data Policy
- Institutional Data Policy Training
- PGP
- Restricted Data
- Social Security Numbers
- Campus Resources
- Contact Us
- Site Map
What's New?
Phishing Scam. DO NOT REPLY! E-mails have been circulating from sources claiming to be from OIT or the university. These are phishing scams. OIT would NEVER ask for your password. More information at OIT Systems Status page.
GeoTrust SSL Certificate Purchasing Explained
Instructions on how to order SSL Certificates through GeoTrust can be found on this page
Hot Topics
- Phishing
- Institutional Data Policy Training
- University Security Standards (UCSS)
- How to Protect Myself
- Safe Computing
Incident Response
Archived News
Spring 2007
University Employees, Students Affected by Data Thefts
Students, faculty, and staff received notices of the data thefts during the week of Tuesday, April 17, 2007. An excerpt of the original notice and subsequent updates are provided below. A website has been established to provide information and resources including a list of frequently asked questions, how to protect your credit, and a copy of the notification letter: http://cio.osu.edu/secureinfo/research
- Update on Data Breaches (posted on Friday, April 27, 2007)
What is the university doing to protect personal data? Is the university going to seek an outside opinion in reviewing its data security practices? Are there plans to extend the credit fraud protection program past one year? Answers to these questions concerning the recent data breach and more details - including how to protect your credit - can be found on the Web site developed especially for this incident: http://cio.osu.edu/secureinfo/research.
- Original Notice (excerpt - full notice posted to OSUToday on Tuesday, April, 17, 2007)
More than 14,000 current and former faculty and staff members are being informed that their personal data (name, Social Security number, employee ID number, and date of birth) have been exposed as a result of a criminal intrusion into a database within the university's Office of Research. A web site has been established to provide information about the incident that occurred during the weekend of March 31/April 1.
- Update on Data Breaches: Information Hotline (posted to OSU Today on Wednesday, April 18, 2007)
Faculty and staff who are among the approximately 14,000 whose data was stolen from a server within the Office of Research should receive a notification letter within the week. The hotline that was established to answer questions is staffed from 8 a.m.-5 p.m. weekdays, and the toll free number is 1-866-515-9332. It is important that you first dial a 1 if calling from home or 9+1 if calling from a campus phone. The number of operators available to answer questions about the credit watch and protection program has been expanded, and they are fielding between 50 and 60 calls per hour. If you did not receive a letter then you can contact the hotline to determine if your personal information was among the data stolen. If you contacted the hotline yesterday but were unable to get your question answered, please try again. More details - including a list of frequently asked questions, how to protect your credit, and a copy of the notification letter - can be found on the web site developed especially for this incident.
- Update on Data Breaches: Employee Data Breach Verification Form (posted to OSU Today on Thursday, April 19, 2007)
A new Web site has been created so that faculty and staff can directly determine if they were among the approximately 14,000 who were mailed notification letters about the data breach. Additional frequently asked questions addressing the timing of the notification and the delivery method have been added to the Web site: http://cio.osu.edu/secureinfo/research. Click on the FAQ link at the top.
Provost Memo Recommends Strategies for Faculty, Staff, and Graduate Teaching Associates at OSU
Executive Vice President and Provost Barbara Snyder has sent a memo to faculty, staff, and graduate teaching associates emphasizing Ohio State's collective and individual committment to protecting sensitive personal information. The provost reminds us that the university and each of us plays a critical role in safeguarding personal information and data under our control.
To help address these concerns, the BuckeyeSecure site has expanded its Resources to include the following:
- FERPA and the Draft Interim Policy on Disclosure or Exposure of Personal Information and a Faculty, Staff, and GA Guide to FERPA and Ohio Revised Code §1347
- Steps to help protect personal information including the laws and policies that apply to OSU
- Guides to protecting files on your MAC or PC
- Ways to avoid Identity Theft such as Academic and Business Best Practices and Individual Best Practices
