The personal information of thousands of individuals who worked at the University of Georgia (UGA) in 2002 was accessible online for several years.
How many victims? 18,931 staff and faculty members.
What type of personal information? Names, Social Security numbers, dates of birth, dates of employment, gender, race, home phone numbers and home addresses.
What happened? The data file, which had been created for legitimate administrative purposes, was placed on a publicly available web server, where it remained from at least 2008 until 2011. School officials have since removed the file.
Quote: “We deeply regret this situation and will take steps to notify and support the affected current and former faculty and staff,” said Timothy Chester, UGA’s chief information officer.
What was the response? Affected individuals are being notified by mail. The university is working with an outside firm to find ways to reduce the risk of another breach.
This is not the first time UGA has suffered a breach, however. Back in 2008, the school revealed that the personal information of 4,000 residents of a housing complex had been exposed after hackers accessed a server.
Source: http://athens.patch.com, Athens Patch, “Oops! ‘Private’ UGA Data Went Public,” Oct. 7, 2011.