Students who applied via the online application put out by the Department of Student Housing were alerted through either an e-mail or a letter that their private information might have been exposed.
According to a University Relations news release, a computer file with names, addresses, birth dates, phone numbers, social security numbers and credit card numbers was found accessible to the public on Dec. 16. The lack of security affected students who applied and paid an application fee online between April 29, 2001, and Dec. 16, 2005.
Becky Derdoski, Minnesota junior, applied online for residency in the 2003-2004 school year.
"That information was given years ago; I didn't think I had to worry about it," she said.
Derdoski remembered a similar incident in which her personal information was at risk of exposure. The Watkins Memorial Health Center pharmacy sent out an e-mail to warn her about it her freshman year.
The housing department shut down its housing application Web site after the routine computer check showed that security measures were not working correctly.
Todd Cohen, University Relations Associate Director for news and public issues, said an incident like this had never happened before at the University.
"It is something that happens a lot at universities, unfortunately. We want to make sure we take care of every precaution, and make everyone fully aware," Cohen said.
While no evidence pertaining to unlawful use of student information has been discovered, the threat to students is still prevalent. The notification sent out to possibly affected students advised them to place fraud alert through www.ku.edu/identity or to call the housing department with any questions.
Out of about 9,200 online applicants in the past few years, only students that gave contact information were notified. Not all affected students still attend the University.
Since Jan. 18, 154 phone calls and 52 e-mails have been placed in response to the incident, according to the Department of Student Housing records.
The Web site has been shut down and applications are now being taken manually until a new, secure site is up and working.
[an error occurred while processing this directive]