CEDAR FALLS, Iowa — More than 50 employees at the University of Northern Iowa have reported irregularities with their tax returns and the university has sought the assistance of police, the Iowa Division of Criminal Investigation and the Internal Revenue Service to investigate, a spokesman said Thursday.
Some employees reported that when they filed their tax returns electronically the IRS rejected their filing. In some cases the UNI employees discovered someone else had already filed taxes under their name. Others found they'd been declared as a dependent on someone else's returns. In several cases university employees received tax refund checks before filing a tax return.
The university was notified of the first problem on Feb. 6 and created a task force to investigate, said spokesman Scott Ketelsen.
He said the university has not found any breach of its computer systems.
"We've had our IT people scouring our databases for the last week and they have not been able to come up with anything," Ketelsen said. "Because there's a current investigation going on we're talking with the IRS multiple times a day and they're giving us tips where to look and what to look for."
No students have reported problems so far, he said.
There is some indication that universities are being targeted. Ketelsen said the IRS reported similar problems at Oakland University in Rochester, Mich., and at the University of Maryland.
Oakland reported tax return issues similar to UNI and is continuing an investigation with the IRS. The university has offered credit monitoring and has notified its retirement account providers to watch carefully employees' transactions, said a posting on its website.
University of Maryland President Wallace Loh posted a letter on the university's website on Tuesday that said the institution suffered a sophisticated cyberattack a week ago.
The breached database contained more than 309,000 records of faculty, staff, and students who had been issued a university ID since 1998. The records included names, Social Security numbers, date of birth, and university identification numbers.
He apologized and said the U.S. Secret Service, other law enforcement agencies, outside consultants and internal IT personnel are working on figuring out how security was infiltrated and who did it. The university extended credit monitoring to five years for anyone affected.
"There is no impregnable barrier against every fiendishly skillful cyberattack. Every day, there are thousands of probes of our defenses that we spot and thwart," he said in the letter. "We are not alone. In the past couple of years, some 20 large universities across the country have also reported major data breaches."
Arkansas State University had the same problem as UNI last February. About 200 employees had issues with their tax returns, university spokesman Jeff Hankins said. The Jonesboro, Ark., campus has about 1,500 employees.
"We created a security tax force to review all our internal systems and we've taken additional steps to try to help prevent any future criminal fraud attempts," Hankins said. "But honestly we still don't know the source of the breach, whether it was internal or external. The investigation continues."
The university website said some employees were the victims of tax fraud but the source of the identity theft has not been identified.
Indiana University said Tuesday the names, addresses, and Social Security numbers for about 146,000 students and recent graduates from 2011 to 2014 may have been accessed by automated computer data mining applications called webcrawlers, used to improve Web search capabilities.
The university said no servers or systems were hacked. Instead, a staff member in the registrar's office discovered last week that the data had been stored in an insecure location for the past 11 months. It was immediately locked down and moved to a secure location the next day.
Follow David Pitt on Twitter at https://twitter.com/davepitt