Security Compromised for Hundreds of UK Students

August 15, 2006

http://www.wkyt.com/Global/story.asp?S=5285189



Another school year will begin next week on the campus of the University of Kentucky, but while students should be worried about getting the right text books and settled on campus, some seven hundred students are instead worrying about their personal information being posted for the world to see.

" It was an error. We regret the error and we regret the incidents that have occurred." said Jay Blanton with UK Public Relations.

Officials with the University of Kentucky are once again apologizing for two separate security breaches that put hundreds of students personal information at risk.

"It was a listing of students that were receiving financial aid. It listed their social security numbers beside their names because social security numbers are used for the moment as the identification number for the students and that got inadvertently posted on the financial aid website." said Blanton

630 students were affected, that breach was discovered Monday afternoon. That same day an incident involving about 80 students with the Department of Geography was discovered.

" A listing of students with their identification number, which is the social security number-- it just got sent to that list serve and that list serve only." said Blanton.

In both cases the students involved were notified of the security issue.

" I think in each of those instances we've been very forceful and aggressive in communicating that this has occurred and here is what we have done about it and tried to minimize the risk of exposure, and thus far we've been lucky that we haven't had any reports of folks personal information being compromised in anyway." said Blanton.

But it's a problem that seems to be popping up more and more. In June a thumb drive used by a professor with names of hundreds of student's and their personal information was stolen, prompting the same alert. UK told 27 Newsfirst then that they were working on a new system that would stop the use of social security numbers for class rosters and other information. That hasn't happened yet, but Blanton says it will change in October.

A University committee has been formed to look into technology safety issues on campus, the committee will develop a policy to deal with potential future security breaches.


main page ATTRITION feedback