TBO.com - TBO is Tampa Bay Online

Personal Data Breached Online, UF Warns 11,300

ADVERTISEMENT

By ADAM EMERSON

The Tampa Tribune

Published: June 11, 2008

Updated: 06/11/2008 12:14 am

TAMPA - University of Florida officials sent letters Tuesday to 11,300 current and former students informing them that the university mistakenly posted their names, addresses and Social Security numbers online.

The university used the student information between 2003 and 2005, but it remained posted unsecured online until a few weeks ago, when a routine audit revealed the breach, UF spokesman Steve Orlando said. The information has since been removed.

The students were enrolled in the College of Liberal Arts and Sciences and expressed interest in tutoring services, Orlando said.

Two former student workers in the college's Office for Academic Support and Institutional Service created records for the students as they developed a tutoring schedule, Orlando said. They posted the records online so they could work from remote locations, but they failed to secure the information from the public.

University officials now are working to find current phone numbers and addresses for about 570 students whose information may have been compromised.

They also are rewriting policies on the appropriate use of Social Security numbers, Orlando said.

Administrators don't know why the students were asked to provide their Social Security numbers.

In the past, Social Security numbers were used to identify students, but the university stopped that practice six years ago.

The university, Florida's largest with 52,000 students, regularly scans its information systems and a Web site that has "quite literally a million pages," Orlando said.

He acknowledged, however, that the regular audits missed the privacy breach for years.

Paul Stephens, policy director for the Privacy Rights Clearinghouse in San Diego, said anyone whose Social Security number was publicly available is at high risk for identity theft.

In addition to monitoring their credit reports, Stephens said there are two things students can do to protect themselves:

• Request a security freeze from the nation's three credit reporting agencies - Equifax, Experian and TransUnion - to prevent the release of their credit report or credit score. Florida law allows each agency to charge up to $10 for the service.

However, there is a downside: a security freeze may delay the students from opening new lines of credit. If a lender or company wants to access a student's credit report, the student will have to temporarily lift the freeze.

• Ask for the companies to put on a fraud alert, which is less severe, though less protective than the freeze. An alert flags a credit file with a statement that says the student may be a victim of fraud and that creditors should call before extending credit.

A fraud alert is free and can be done by phone or online with one of the credit bureaus, while students must mail in a request for a security freeze.

An alert is good for 90 days, but students can renew it each time it expires.

Each renewal yields a free credit report.

Reporter Adam Emerson can be reached at (813) 259-8285 or aemerson@tampatrib.com.

Share this:

Loading Comments...

Email Print

ADVERTISEMENT