University employee fired for inadvertently emailing student data

Share this article:

An employee at San Francisco-based Atlius University was fired after an email containing personal data on nearly 200 enrollees was inadvertently sent to a student.

How many victims? 198.

What type of personal information? Names, Social Security numbers, phone numbers, email addresses and academic courses.

What happened? An Atlius University employee inadvertently sent the email containing the data to a student enrolled in the school. 

What was the response? Atlius University officials contacted the student who received the data and obtained written confirmation that the email containing the information was deleted and not sent to anyone else. The employee who sent the email was reprimanded and fired. The University is providing training to the workforce to enhance data security awareness. Letters were sent to affected students, who were offered one free year of credit monitoring services.

Details: The email was sent on Sept. 6. 

Quote: “Although this incident did not involve any financial accounts information, we recommend that you always be vigilant and regularly review your credit card account statements and credit reports for unauthorized activity,” said Eric Mulheim, chief financial officer, Altius University, in the letter to affected students.

Source: oag.state.md.us, “Atlius University, LLC (PDF),” Sept. 19, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in The Data Breach Blog

Sign up to our newsletters

POLL

More in The Data Breach Blog

Florida medical center hit with breach for third time in two years

Aventura Hospital and Medical Center has reported a data breach for the third time in two years.

Tampa General Hospital breach impacts hundreds of patients

Tampa General Hospital is notifying 675 patients that their personal information may have been accessed, without authorization, by a former employee.

George Mason University travel system targeted for malware attack

The incident could have exposed the names and Social Security numbers of users, although no evidence has surfaced to suggest that's the case.