April 24, 2024

Educational Computer Systems Announces Data Breach Affecting Multiple Schools and Colleges

+ Follow Contact

Send

Embed

On April 19, 2024, Educational Computer Systems, Inc. (“ECSI”) filed a notice with the Attorney General of Maine after discovering that information belonging to students at several schools was compromised as a result of an ECSI data breach. In this notice, ECSI explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names and Social Security numbers. Upon completing its investigation, ECSI began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you receive a data breach notification from Educational Computer Systems, Inc., or you heard about the ECSI data breach from your educational institution, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the Educational Computer Systems data breach. For more information, please see our recent piece on the topic here.

What Caused the ECSI Data Breach?

The Educational Computer Systems data breach was only recently announced, and more information is expected in the near future. However, ECSI’s April 19, 2023 and April 23, 2023, filings with the Attorney General of Maine provide some important information on what led up to the breach.

According to these sources, on February 12, 2024, ECSI detected an unusually high volume of login attempts on one of its online services that allows students to access their tax forms. In response, ECSI disconnected its systems and then launched an investigation to learn more about the incident as well as what, if any, student information was subject to unauthorized access as a result.

Through this investigation, ECSI learned that an unauthorized party was able to access data belonging to certain students between October 29, 2023, and February 12, 2024.

After learning that sensitive consumer data was accessible to an unauthorized party, Educational Computer Systems reviewed the compromised files to determine what information was leaked and which consumers were impacted. ECSI completed this process on April 4, 2024. While the breached information varies depending on the individual, it may include your name and Social Security number.

On April 19, 2024, Educational Computer Systems sent out data breach letters to students at Brandeis University; then, on April 23, 2023, ECSI sent data breach letters to students at Rensselaer Polytechnic Institute. It is not clear how many schools in total were affected by the ECSI data breach.

More Information About Educational Computer Systems, Inc.

Established in 1972, Educational Computer Systems, Inc. is a services business based out of Warrendale, Pennsylvania. ECSI provides schools and colleges with services related to past-due accounts receivable management, campus-based student loan servicing, tax document services, tuition payment plans, refund management, call center, and outsourcing services. ECSI is a subsidiary of Global Payments Inc. Educational Computer Systems, employs more than 306 people and generates approximately $58 million in annual revenue.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.