RSS Alerts

Share

More services

Downloads

Related Links

Related Stories

  • Penn State data may have been exposed
    This week the Pennsylvania State University sent data breach notification letters to 15 806 individuals who at one time had their personal information, including Social Security numbers, stored in a university database.
  • EWU exposes 130 000 student records
    Eastern Washington University has notified present and former students of a massive data breach of its systems that could affect up to 130 000 people.
  • University of Hawaii posts confidential information on 40,000 students
    A University of Hawaii faculty member accidentally posted the Social Security numbers, grades, and other personal information of more than 40,000 former students on an insecure server, officials admitted this week.
  • Interview: Webroot's Dick Williams
    Meet Dick Williams. At 67 years old, the slight, gentle veteran should, theoretically, be throwing in the towel. Far from being weathered by too many years in business, however, the Webroot CEO has used his career to retain wisdom, enthusiasm and business intuition. Eleanor Dallaway meets Dick Williams and discovers that not only is he not ready for retirement, he’s actually in his prime.
  • Educating children on data protection
    The use of biometrics and CCTV in school classrooms - installed to protect pupils - may just as easily put them at risk of other dangers. What, then, can be done to prepare our children for the big wide world of data protection? Rob Stringer reports…

Top 5 Stories

News

Florida university notifies students and faculty of possible data exposure

23 June 2010

Students and faculty at Florida International University are being sent notification letters regarding the potential compromise of personal data stored in a university database.

Florida International University is in the process of sending notification letters to 19 407 students and 88 faculty members after the university’s IT Security Office discovered personal data may have been exposed over the internet via a database’s external search function.

The possible breach was uncovered in early May 2010 after the IT Security Office conducted a review of an unrelated hacking incident against the FIU College of Education website. According to the notification letter obtained by Infosecurity, the office found the “existence of a database containing sensitive information that did not reside in a secure computing environment”.

An announcement posted on the FIU website lists the personal data as GPAs, test scores, and Social Security numbers that were stored on the College of Education’s E-Folio software app. This database kept track of student data related to state mastery standards, grade tracking, assignments, and Social Security numbers for both students and faculty.

FIU was required to notify affected students and faculty, and both the notification letter and web announcement provided information on credit monitoring. The university stated that it is not aware of any attempts to use the information.

“Upon discovery, the University IT Security Office and the College of Education took immediate steps to remove the database from any external search capability, and to prevent the recurrence of any other data security breach involving this information”, noted the letter, which an FIU spokesperson said are currently being mailed to those affected.

This article is featured in:
Compliance and Policy  • Data Loss

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012