You choose, we deliver
If you are interested in this story, you might be interested in others from The Journal Gazette. Go to and pick the subjects you care most about. We'll deliver your customized daily news report at 3 a.m. Fort Wayne time, right to your email.



IU data breach costs it $80,000

Inquiry finds no evidence of misuse

– Indiana University says it has spent more than $80,000 responding to a computer data breach that exposed personal information of 146,000 current and former students.

The university reported last month that information including names, addresses and Social Security numbers of those who attended any of the university’s campuses from 2011 to 2014 was unsecured for more than 11 months because security protections weren’t working correctly.

An investigation has yet to turn up evidence that any information has been compromised or improperly used, university spokesman Mark Land told The Herald-Times.

A call center number (866-254-1484) set up for questions about the data breach will remain active through at least this week, Land said. It has received about 950 calls, with roughly half coming on the first day.

About 700 personnel hours by IU employees have been spent on its response, Land said.

IU officials believe that no outside person had accessed the encrypted data.

The information was immediately secured, and officials are looking at all processes to avert a recurrence, Land said.

He said three “web crawlers,” or data-mining applications, had accessed the data. The crawlers were one for Google, one for a search engine that no longer exists and one for Baidu, a Chinese search engine, he said. Land said Google has since cleared the information.

University officials notified all those involved, primarily by email, Land said. About 6,200 people didn’t have emails on file with the university, so IU spent more than $6,000 to mail out letters.

The call center was contracted by the university at $75,000, he said.