Students’ personal data posted on Internet in error

October 24, 2005

UNT Security News

About 1,000 University of Western Ontario graduate students were told this week a document containing their personal information was accidentally posted on the Internet.

Grad students who applied for Ontario Graduate Scholarships received letters Wednesday telling them a document with their names, social insurance numbers and program was inadvertently left on an unprotected area of the Faculty of Graduate Studies website for two weeks.

The document also contained the results of students’ previous Ontario Graduate Scholarship applications.

The information was taken off the Internet when the faculty realized the error on Oct. 7, but two search engines had already accessed the document, including Google, which maintained a version of the information until Oct. 15.

“It was kind of scary, actually, getting this letter,” said gradate student Boba Samuels.

The letter sent to students said the document was accessed by 14 different users.

“We have no way of identifying the individuals who accessed the document, but it appears that almost all of the hits originated from academic sites,” the letter said.

That’s cold comfort for students who have been told to call the two major credit reporting agencies in Canada to put a fraud alert on their credit files.

“Your name, your SIN, was left on this website, then Google . . . who knows who accessed the information. It is kind of creepy,” Samuels said.

Students with questions about the breach were told to call Stephen Jerrett, Western’s lawyer.

He said Western has done what it can to reduce the damage, including removing the information minutes after officials were notified.

“Despite whatever steps we’ve taken to get it off, once it’s out there, you just don’t know where it might remain and who might have access to it,” Jerrett said.

main page ATTRITION feedback