University Web Site Snafu Exposes Student SSNs

Human error is to blame for the accidental exposure last week of more than 4,500 Chaminade University student’s Social Security numbers on the private Catholic college’s official Web site.

University officials discovered the snafu Wednesday and quickly removed the obscure but accessible links from the Web site.

The students’ Social Security numbers were exposed for about eight months, according to a statement released by the Honolulu-based university, and thus far there is no evidence that anyone has used the data for nefarious purposes.

The data included information about undergraduate students who attended the university between 1997 and 2006.

The university said it is in the process of notifying all the students who had their data exposed and recommending that they monitor and review their credit reports and banking account activity. At this point, the university has not offered to free provide credit-monitoring services for those affected.

In its statement, Chaminade officials said they are now implementing new security procedures to prevent a data breach of this kind in the future and will provide additional training to staff regarding the protection of personal information.

Hawaii is one of 43 states that require companies, universities and organizations to notify people when their personal or financial information is accidentally or deliberately compromised.

Colleges and universities have been particularly hard hit by hackers in the past year.

In April, University of California at Berkeley officials said hackers infiltrated a healthcare database containing the personal information of more than 160,00 students dating back to 1999.

In September, the University of North Carolina’s radiology department discovered that hackers may have compromised a server containing the personal data of more than 163,000 women participating in a mammography research project.

Similar attacks were reported this year at Montana State University, the University of Michigan and the University of Alabama.

IT security experts say colleges and universities are particularly attractive to hackers because research computers have Internet access, abundant processing power and, obviously, tons of data because they’re constantly conducting large-scale research projects.

News Around the Web