About 2,600 former University students and individuals who held contracts with the University Housing Division could have had their names and Social Security numbers available on the Internet, according to Chief Housing Officer Mark Doherty.
Doherty said the University became aware of this breach of security in mid-September.
"We were informed of this by a former student who Googled himself and found the information," he said. "We immediately disabled all the information and files."
The incident was an accident, stemming from the actions of a student working on developing new systems for the Housing Office, Doherty said.
"He placed, on what turned out to be an exposed location on a server, some files he was using to develop this system," Doherty said. "My data directors and others have been really good about securing this information. Nevertheless, these files, I am sure unknown to the developer, were exposed."
The Housing Division sent out a letter to all those who were affected by the accident, Doherty said.
"We believed it was ethically appropriate to let members of the University community that were affected know," he said. "Since the letter has gone out, I've had a dozen or so calls. One person actually left a message saying, 'I don't really have a concern, but I just wanted to thank you for letting me know.' Most other people wanted to know what to do now."
University alumna Jen Michaels is one of these students. Michaels said she received a letter from the University Housing Division Monday informing her that her personal information was available via the Internet.
"I write to inform you that the Housing Division recently received a report that certain information in one of our computer files was accessible through the internet," the Housing Division letter reads. "This information contained some personal data, including you name and Social Security number."
Michaels, who graduated in 2004, lived in on-Grounds housing during her four years at the University. She said she has not contacted the University in regards to the letter.
"They gave me all the information I need," she said. "If anything shows up on my credit report, I'll call them, but if not then I won't."
Doherty said there are two things individuals who received the letters can do. The first is look at credit card statements to make sure that nothing is amiss. The second is visiting the Federal Trade Commission's Web site and looking at the section on identity theft. There, individuals can also place an alert on their account.
"When an alert is placed on an account, credit agencies will contact the individual if there is a request to open a new account or change account information," Doherty said. "This is the single best step that these individuals can take."
This incident raises further question about the Universities policy of using Social Security numbers as student identification numbers, in light of Council legislation passed in April that seeks to establish an alternative mode of student identification.
University spokesperson Carol Wood said University officials currently are discussing changing student identification numbers from Social Security numbers.
"We used Social Security numbers because that has been the industry standard," Wood said. "We are looking at re-evaluating that."
Read More
U.Va. loses over $60 million in federal research cuts
By Bertie Azqueta | YesterdayThe impacted grants include three from the NIH, seven from the NEH, one from the United States Agency for International Development and four from the State Department.
Department of Education reverses course, awards Federal Executive Institute to U.Va.
By Ford McCracken | 4 days agoThe ED had previously awarded the institute to Charlottesville City Schools.
Students reflect on the life and legacy of Pope Francis
By Bertie Azqueta | 4 days agoAt the University, students shared a range of perspectives on his legacy of reform, inclusivity and his impact on the global Catholic community.
