University of Illinois - College of Engineering Breach
Technorati Tag: Security Breach
Contractor/Consultant:
None
Number Affected:
5,247
Types of Data:
Name, email address, college major, gender, race, ethnicity, class, admission date, Spring 2007 GPA, cumlative GPA, mailing address, and phone number.
Breach Description:
A College of Engineering staff person inadvertently attached a spreadsheet containing the confidential information to all electrical and computer engineering students in an email meant to announce the availability of a new course.
Reference URL:
http://www.news-gazette.com/news/local/2007/08/27/students_information_accidentally_sent
Report Credit:
The News-Gazette
Commentary:
Thank God the spreadsheet did not contain Social Security numbers, credit card numbers, or student ID numbers. People are people and they are bound to make mistakes. The response from the university seems appropriate.
Response:
From the News-Gazette online article:
The college already had a policy that no attachments were to be sent with mass mails. However the staff member did not intend to attach the document, Kaler pointed out.
All mass e-mails will now go through the dean's office and be supervised by the dean's staff. Staff also will be retrained on the safe handling of data.
Past Breaches:
None since August 2007
Date Reported:
8/27/07
8/27/07
Organization:
University of Illinois - College of Engineering
University of Illinois - College of Engineering
Contractor/Consultant:
None
Number Affected:
5,247
Types of Data:
Name, email address, college major, gender, race, ethnicity, class, admission date, Spring 2007 GPA, cumlative GPA, mailing address, and phone number.
Breach Description:
A College of Engineering staff person inadvertently attached a spreadsheet containing the confidential information to all electrical and computer engineering students in an email meant to announce the availability of a new course.
Reference URL:
http://www.news-gazette.com/news/local/2007/08/27/students_information_accidentally_sent
Report Credit:
The News-Gazette
Commentary:
Thank God the spreadsheet did not contain Social Security numbers, credit card numbers, or student ID numbers. People are people and they are bound to make mistakes. The response from the university seems appropriate.
Response:
From the News-Gazette online article:
"Since this release did not include Social Security numbers or UIN numbers, that mitigates the problem substantially," UI spokeswoman Robin Kaler
The college already had a policy that no attachments were to be sent with mass mails. However the staff member did not intend to attach the document, Kaler pointed out.
All mass e-mails will now go through the dean's office and be supervised by the dean's staff. Staff also will be retrained on the safe handling of data.
Past Breaches:
None since August 2007
Posts Atom 1.0
Comments