Franklin University student information posted on Web
Technorati Tag: Security Breach
Date Reported:
1/29/08
Organization:
Franklin University
Contractor/Consultant/Branch:
None
Victims:
Students and/or alumni
Number Affected:
Unknown
Types of Data:
Name, Social Security number, trimester and course number, email address, and Franklin University ID number
Breach Description:
A file containing sensitive personal information belonging to Franklin University students and alumni was inadvertently posted to a public web server. The number of affected persons has not been publicly released.
Reference URL:
The New Hampshire State Attorney General breach notification
Report Credit:
The New Hampshire State Attorney General
Response:
From the online source cited above:
A file containing the names, Social Security numbers, term and class information, email addresses, and Franklin University identification numbers of students and/or alumni was inadvertently placed on our web server, which made it possible for the information to be viewed online.
Although we believe the exposure to be minimal, it is possible that your information may have been viewed by others.
[Evan] The "others" in this case are unauthorized persons.
We have removed the file from the Web server so the file can no longer be viewed online and we are working with third party experts to minimize the risk of future incidents of this nature.
[Evan] If this information was available on the internet, there is a good chance that the information is also available through search engine caches. There is no mention whether or not Franklin University contacted Google, Yahoo!, etc. to have any cached information removed promptly. Personally, I have not had the opportunity to look.
We deeply regret this unfortunate situation.
Because we value our students and alumni, we are offering you credit monitoring through Experian@ for 12 months, at no expense to you.
We sincerely apologize for any inconvenience that this may cause you. To view Frequently Asked Questions on our Web site, visit www.franklin.edu/go/securityupdate. If you have additional questions, please call us on our dedicated toll-free line at 1- Monday through Thursday 8 a.m.-8 p.m., Friday 8 a.m.-5 p.m., or Saturday 9 a.m.-1 p.m. EST.
Commentary:
Mistakes will happen, so you should count on them happening. Many mistakes can be averted through effective information security training and awareness, and many mistakes can be minimized through effective incident response procedures and testing.
Past Breaches:
Unknown
Date Reported:1/29/08
Organization:
Franklin University
Contractor/Consultant/Branch:
None
Victims:
Students and/or alumni
Number Affected:
Unknown
Types of Data:
Name, Social Security number, trimester and course number, email address, and Franklin University ID number
Breach Description:
A file containing sensitive personal information belonging to Franklin University students and alumni was inadvertently posted to a public web server. The number of affected persons has not been publicly released.
Reference URL:
The New Hampshire State Attorney General breach notification
Report Credit:
The New Hampshire State Attorney General
Response:
From the online source cited above:
A file containing the names, Social Security numbers, term and class information, email addresses, and Franklin University identification numbers of students and/or alumni was inadvertently placed on our web server, which made it possible for the information to be viewed online.
Although we believe the exposure to be minimal, it is possible that your information may have been viewed by others.
[Evan] The "others" in this case are unauthorized persons.
We have removed the file from the Web server so the file can no longer be viewed online and we are working with third party experts to minimize the risk of future incidents of this nature.
[Evan] If this information was available on the internet, there is a good chance that the information is also available through search engine caches. There is no mention whether or not Franklin University contacted Google, Yahoo!, etc. to have any cached information removed promptly. Personally, I have not had the opportunity to look.
We deeply regret this unfortunate situation.
Because we value our students and alumni, we are offering you credit monitoring through Experian@ for 12 months, at no expense to you.
We sincerely apologize for any inconvenience that this may cause you. To view Frequently Asked Questions on our Web site, visit www.franklin.edu/go/securityupdate. If you have additional questions, please call us on our dedicated toll-free line at 1- Monday through Thursday 8 a.m.-8 p.m., Friday 8 a.m.-5 p.m., or Saturday 9 a.m.-1 p.m. EST.
Commentary:
Mistakes will happen, so you should count on them happening. Many mistakes can be averted through effective information security training and awareness, and many mistakes can be minimized through effective incident response procedures and testing.
Past Breaches:
Unknown
Posts Atom 1.0
Comments