SSNs Found On Texas A&M Corpus Christi Website, Student Data Exposed

November 11th, 2008

SSNs Found On Texas A&M Corpus Christi Website, Student Data Exposed

For the fourth time in two years and the second time in three months, a security breach at Texas A&M University-Corpus Christi has exposed students’ or former students’ Social Security numbers, university officials said Friday. Through an Internet search on the university’s Web site Monday, a student viewed a document that listed admissions applicants from 2005, A&M-Corpus Christi spokesman Marshall Collins said. The page listed 1,430 names and Social Security numbers.

The student, who Collins said saw her own Social Security number on the page, reported it to university officials. Officials then temporarily shut down the site and removed the document, he said. “We take this very seriously and it is always disappointing when something like this happens,” A&M-Corpus Christi President Flavius Killebrew said Friday.

Jody Nelsen, the university’s executive vice president of finance and administration, said 50 of those applicants are students with the university. Nelsen said letters to all of the individuals listed will be mailed Monday to inform them about the breach.

Collins said security officials were trying to determine Friday how long the page had been viewable. “This is an ongoing problem that all campuses face, with old data on computers with millions of files and it is difficult to make sure that they are all deleted,” Nelsen said. “It is disappointing that it has happened again and we are going to be very aggressive to alleviate this problem.”

The incident is the latest in several that have exposed A&M-Corpus Christi students’ Social Security numbers. A computer hacker tapped into a university server Sept. 9 and may have had access to a document with students’ Social Security numbers. A university flash drive was misplaced in June 2007 that may have contained 8,000 current and former students’ Social Security numbers, while a class roster was misplaced that July that included 49 students’ Social Security numbers.

Collins said no incidents of stolen identity have been reported from the security lapses.

The university in fall 2007 eliminated use of Social Security numbers as student identification numbers. The university now uses a random numerical system for IDs.

Nelsen said the computer server containing the file had been scanned and purged of sensitive documents, but the archives on the server were not, and that is where the document with the numbers was located. Nelsen said the employee responsible for scanning the archives will be reprimanded but not terminated.

Nelsen said the university will look into hiring outside technology experts to determine what can be done to prevent breaches.

Share this item with others:

More on CyberInsecure:

Data Breach At Texas Comptroller Office, 3.5 Million People Details Publicly Accessible For Over A Year

Texas National Guard Website Remains Unavailable After Malware Infection

Private Data Exposed By Hackers In University Of Texas At Dallas

Student Loan Records Stolen From Non-Profit Company, 3.3 Million Identities Compromised

Website breach in Sonoma State University exposes students Social Security numbers

Posted in Breaches And Incidents, Data Theft, Privacy |

Print This Post

This entry was posted on Tuesday, November 11th, 2008 at 6:17 pm and is filed under Breaches And Incidents, Data Theft, Privacy. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.