University employee fired for inadvertently emailing student data

Share this article:

An employee at San Francisco-based Atlius University was fired after an email containing personal data on nearly 200 enrollees was inadvertently sent to a student.

How many victims? 198.

What type of personal information? Names, Social Security numbers, phone numbers, email addresses and academic courses.

What happened? An Atlius University employee inadvertently sent the email containing the data to a student enrolled in the school. 

What was the response? Atlius University officials contacted the student who received the data and obtained written confirmation that the email containing the information was deleted and not sent to anyone else. The employee who sent the email was reprimanded and fired. The University is providing training to the workforce to enhance data security awareness. Letters were sent to affected students, who were offered one free year of credit monitoring services.

Details: The email was sent on Sept. 6. 

Quote: “Although this incident did not involve any financial accounts information, we recommend that you always be vigilant and regularly review your credit card account statements and credit reports for unauthorized activity,” said Eric Mulheim, chief financial officer, Altius University, in the letter to affected students.

Source: oag.state.md.us, “Atlius University, LLC (PDF),” Sept. 19, 2013.

Share this article:
close

Next Article in The Data Breach Blog

Sign up to our newsletters

POLL

More in The Data Breach Blog

Programming error results in CVS Caremark mailing blunder

About 350 CVS Caremark customers are being notified that a programming error resulted in mailers containing their personal information being sent to the wrong customers.

Seattle University donor checks possibly exposed due to settings error

Seattle University is notifying an undisclosed number of donors that anyone with a Seattle University computer account could have viewed scanned checks.

Laptop stolen from Self Regional Healthcare contained patient data

As least 500 patients of Self Regional Healthcare have been notified that their personal information was on a laptop stolen from a Self Regional facility.