About 6,500 former and current UK students are at risk for identity theft after their academic and personal information was stolen last month, university officials announced Friday.
A professor in the School of Human and Environmental Sciences left a flash drive - also called a thumb drive, which can hold up to four gigabytes of information - in a classroom. It contained as many as 130 files with class rosters from 1988 to 2006, the professor said. UK officials declined to identify the professor, who left the drive in a classroom by accident in late April, said UK spokesman Jay Blanton.
The drive held grades and Social Security numbers, which UK uses to ID its students.
"This is a regrettable incident, and we are deeply sorry that it has occurred," Frank Butler, UK's executive vice president of finance and administration, wrote in an e-mail to the UK community. "We are doing everything possible to alert students and former students who may have been impacted."
Though it is unknown how many of the 6,500 students' information was on the drive, UK contacted all the students who were mentioned in some way on the professor's office computer, Butler said in the e-mail.
However, identity theft may not be the motivation behind the theft.
"It is our suspicion that a student may have taken the thumb drive in an attempt to steal a final exam," the university's Office of Legal Counsel wrote in a letter to the students and alumni last week. "However, we have no proof of that suspicion as well as no proof of possible identity theft."
UK officials learned about the theft on May 26, after it was reported to UK police. The university waited until Friday to publicly address the theft because it was trying to find contact information for the students and former students who may have been affected, Blanton said.
This is the second time in less than a month that UK has alerted students, faculty and staff about possible identity theft. In May, the personal information of about 1,300 current and former employees was accidentally made available on the Internet for 19 days.
Currently, UK is phasing out the usage of students' visible Social Security numbers - they no longer appear on students' UK identification cards, and by October, students' Social Security numbers will not be used as primary identification numbers, Blanton said.