BreachExchange mailing list archives
Florida university notifies students and faculty of possible data exposure
From: Rebecca Chickering <rchickering () gmail com>
Date: Wed, 23 Jun 2010 17:05:32 -0400
http://news.fiu.edu/2010/06/university-to-notify-students-and-faculty-regarding-unsecure-database/ Florida International University is in the process of sending notification letters to 19 407 students and 88 faculty members after the university’s IT Security Office discovered personal data may have been exposed over the internet via a database’s external search function. The possible breach was uncovered in early May 2010 after the IT Security Office conducted a review of an unrelated hacking incident against the FIU College of Education website. According to the notification letter obtained by Infosecurity, the office found the “existence of a database containing sensitive information that did not reside in a secure computing environment”. An announcement posted on the FIU website lists the personal data as GPAs, test scores, and Social Security numbers that were stored on the College of Education’s E-Folio software app. This database kept track of student data related to state mastery standards, grade tracking, assignments, and Social Security numbers for both students and faculty. [..] _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- Florida university notifies students and faculty of possible data exposure Rebecca Chickering (Jun 24)