University of Rhode Island server breach exposes staff and student data

Share this article:

University of Rhode Island (URI) officials disabled the school's College of Business Administration computer server, after the personal information of more than 1,000 faculty and students, as well as students from another school, was publicly available.

How many victims? About 1,000 current and former URI faculty members, in addition to 22 former students of the university and 80 students from an unnamed out-of-state school.

What type of personal information? The names, birth dates, Social Security numbers and some compensation information of faculty members. Former URI students had their Social Security numbers and names exposed, while students from the out-of-state school had their grades, names and Social Security numbers posted to the server.

What happened? Personal information, which was not intended to be stored on the business college server, was placed there. According to URI, faculty had access to the server and used it to upload and share course information.

What was the response? After discovering the breach on July 31, URI took the school's business college server offline. The school is reaching out to those affected, and will provide a year of credit monitoring and identity protection services for impacted individuals. URI is working with an attorney general's office outside of Rhode Island to notify 80 students affected from another school.

Details: School officials said no current URI students or faculty – hired after April 2007 – were impacted by the data breach. The personal information of the out-of-state students and URI faculty was posted to the server in March 2007, while former URI students' information had been exposed since 2009.

Source: boston.com (Associated Press), “Personal info of faculty at URI compromised,” Aug. 27, 2012.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in The Data Breach Blog

Sign up to our newsletters

POLL

More in The Data Breach Blog

Tampa General Hospital breach impacts hundreds of patients

Tampa General Hospital is notifying 675 patients that their personal information may have been accessed, without authorization, by a former employee.

George Mason University travel system targeted for malware attack

The incident could have exposed the names and Social Security numbers of users, although no evidence has surfaced to suggest that's the case.

Central Utah Clinic notifies over 30K patients of potential HIPAA breach

The clinic is warning patients of a potential breach after an unauthorized party accessed a server.