BreachExchange mailing list archives
Data breach: ASU accidentally reveals email addresses of 4, 000 students
From: Destry Winant <destry () riskbasedsecurity com>
Date: Tue, 20 Aug 2019 00:42:22 -0500
https://www.azfamily.com/news/data-breach-asu-accidentally-reveals-email-addresses-of-students/article_11cbf8de-c2ca-11e9-9c32-2bf264d0f9ca.html TEMPE, AZ (3TV/CBS5) -- Arizona State University has notified 4,000 students that their email addresses "were accidentally revealed" in a large data breach. ASU told the students on Aug. 16 it happened in late July when a university office sent bulk emails about renewing health insurance coverage without masking the identities of the recipients. Some of the email addresses revealed recipients' names, as well. This unintended action is considered a data breach under the Health Insurance Portability and Accountability Act (HIPAA). "The only items of protected health information (PHI) released were the students' email addresses. No other PHI was released," stated the school. The university was able to limit the release of information by deleting more than 2,540 of the messages from ASU email inboxes. More than 1,130 of those emails were unread. ASU also says that procedures have been "revamped" to bolster protection of information, including establishing more review and approval levels for mass email distributions. The student notification included details on assistance resources available to all ASU students, faculty, and staff. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Data breach: ASU accidentally reveals email addresses of 4, 000 students Destry Winant (Aug 20)