Educational Computer Systems reports data breach impacting Brandeis University students

Educational Computer Systems, Inc. (ECSI), a service provider to educational institutions is reporting a data breach impacting Brandeis University students. ECSI provides a range of services to educational institutions, including managing past-due receivables, servicing campus-based student loans, handling tax documents, and offering tuition payment plans, among others.

ECSI first detected unusual access attempts to an online service that hosts tax forms for students on February 12, 2024. In response, took the service offline and eliminated guest access to tax forms. The investigation revealed that unauthorized data access occurred between October 29, 2023, and February 12, 2024.

The exposed data includes access to sensitive student information, including names and Social Security numbers.

No details about the attack or the number of affected individuals are disclosed.

Data breach notification letters were sent out on April 19, 2024, to inform Brandeis University students about the breach and the specific types of personal information that were compromised.