University students' Social Security numbers were accidentally compromised Dec. 7 when a teaching assistant in the economics department sent out grades in an e-mail to his sections that included full names and full Social Security numbers.
First-year College student Kimmy Feinstein was one of more than 60 students affected.
"I was pretty upset," Feinstein said. "Obviously, it wasn't intentional, but I don't know why he had them. It was concerning. I don't understand why the University can't use computer-generated student numbers."
In a similar incident in November, 632 students' Social Security numbers were compromised by Student Financial Services because of a clerical error.
Economics department Chair Bruce Reynolds explained the TA only meant to include the last five digits of students' Social Security numbers without names, but e-mailed his students the wrong file. "It was that simple and that disastrous," he said.
Shirley Payne, Information Technology and Communication director for security coordination and policy, noted the data did not come from Toolkit. "The TA had the Social Security numbers from another departmental file. It was a human error."
The ITC office is working toward ending the usage of Social Security numbers as means of identifying students and employees, said James Hilton, University vice president and chief information officer. He said his office's goal is to "eliminate the use of Social Security numbers everywhere except where the law requires it."
In some instances, including many financial aid applications, the use of Social Security numbers is necessary.
It will take time to restrict the use of Social Security numbers to functions for which they are necessary because they are so widely used around Grounds. A project to phase out its use will take a couple of years, Hilton said.
"It used to be confidential and safe to use Social Security numbers as a secure way to show grades to students without using names, but the recent involvement of the internet and problems of identity theft in the past several years has made using Social Security numbers a problem," Hilton said.
One affected first-year College student, John Jacobson, said he was not concerned about the breach.
"I didn't even care about it very much," he said. "After a few hours [they] tried to correct the problem."
The morning after receiving the TA's message, affected students received e-mails from both the economics department and the University attempting to remedy the situation, Feinstein said.
"I was impressed how quickly the University responded," she added.
The TA, Rasit Telbisoglu, did not return multiple e-mails for comment.
Read More
U.Va. loses over $60 million in federal research cuts
By Bertie Azqueta | YesterdayThe impacted grants include three from the NIH, seven from the NEH, one from the United States Agency for International Development and four from the State Department.
Department of Education reverses course, awards Federal Executive Institute to U.Va.
By Ford McCracken | 4 days agoThe ED had previously awarded the institute to Charlottesville City Schools.
Students reflect on the life and legacy of Pope Francis
By Bertie Azqueta | 5 days agoAt the University, students shared a range of perspectives on his legacy of reform, inclusivity and his impact on the global Catholic community.
