University of Rhode Island server breach exposes staff and student data

Share this article:

University of Rhode Island (URI) officials disabled the school's College of Business Administration computer server, after the personal information of more than 1,000 faculty and students, as well as students from another school, was publicly available.

How many victims? About 1,000 current and former URI faculty members, in addition to 22 former students of the university and 80 students from an unnamed out-of-state school.

What type of personal information? The names, birth dates, Social Security numbers and some compensation information of faculty members. Former URI students had their Social Security numbers and names exposed, while students from the out-of-state school had their grades, names and Social Security numbers posted to the server.

What happened? Personal information, which was not intended to be stored on the business college server, was placed there. According to URI, faculty had access to the server and used it to upload and share course information.

What was the response? After discovering the breach on July 31, URI took the school's business college server offline. The school is reaching out to those affected, and will provide a year of credit monitoring and identity protection services for impacted individuals. URI is working with an attorney general's office outside of Rhode Island to notify 80 students affected from another school.

Details: School officials said no current URI students or faculty – hired after April 2007 – were impacted by the data breach. The personal information of the out-of-state students and URI faculty was posted to the server in March 2007, while former URI students' information had been exposed since 2009.

Source: boston.com (Associated Press), “Personal info of faculty at URI compromised,” Aug. 27, 2012.

Share this article:
close

Next Article in The Data Breach Blog

Sign up to our newsletters

POLL

More in The Data Breach Blog

Thousands had data on computers stolen from California medical office

Bay Area Pain Medical Associates notified about 2,780 patients that their data was on computers stolen from its California offices.

Subcontractor breach impacts 1,700 in Dominion Resources employee wellness plan

About 1,700 people in the Dominion Resources employee wellness program have been notified that their data was accessed in a breach.

Document posted to California city website, employee data accessed

In California, a document posted to the City of Encinitas website contained data on hundreds of current and former city staffers.