Questions, comments or a tip? Let us know.
5000 Students Informed of Online Security Breach
By Jacob Schneider and Joy Resmovits
PUBLISHED JUNE 11, 2008
On Wednesday night, University officials confirmed that Google removed the file containing the personal information of about 5,000 current and former Columbia students. The removal of the file follows Tuesday evening's e-mail message that informed students that due to a mistake by a student employee at Housing and Dining, personal information including social security numbers had been posted online for over a year.
"Columbia Public Safety investigators have concluded that this security breach was unintentional. No financial data was included in the file in question, and we have no evidence of wrongdoing or identity theft," said Scott Wright, the vice president of student and auxiliary services, in the email.
The breach apparently occurred in the spring of 2007, months before Housing and Dining eliminated the use of social security numbers to identify students. According to a university spokesperson, a former student googled a Columbia UNI and received the file location as a result, finding the document with names, social security numbers, and potentially further personal information. An alumna reported the file location to Housing and Dining on June 3, 2008.
“Limited personal information was included in the file, but we cannot elaborate on the contents of the file," the university spokesperson said.
Since sensitive information was included in the security breach, Columbia has arranged two-year subscriptions to a credit monitoring service for the affected students.
In addition to eliminating the use of social security numbers in Housing's processes, “the University is continually strengthening its measures to protect social security numbers where they are required in our systems," the spokesperson said.
Following the e-mail from Housing and Dining, students posted an online petition condemning the breach. By Wednesday evening at 9 p.m., the "Columbia Housing & Dining SSN Security Breach Petition" garnered 22 signatures. The letter condemns the department for errors that resulted in the public availability of private information.
The petition requests two guarantees: "that Housing and Dining properly investigate the former employee who posted this information online, and disclose any information obtained through this investigation that may lawfully be disclosed." The second request is that "you write a report detailing the steps Housing and Dining will take to screen employees for their ability to hold private information in confidence and to ensure, through training or supervision, that this sensitive information is handled discreetly."
Article Tools:
View Comments ( 5)
Post a Comment
At least test scores and learning disabilities weren't revealed. Princeton Review just did that to tens of thousands of kids in Florida: http://www.nytimes.com/2008/08...
From what I gather, the kid thought it was okay to download everyone's personal information- mine included- and make it searchable through Google for his senior thesis or something. And it was available online for a very, very long time.
I really don't care about getting two years of virus-protection from Columbia.... I want in on a class action law suite. Publishing private information about people you do not know, publicly, is not okay. Plus- I am still broke.
And no, I don't care how much "trouble" the kid is getting into with "dean's discipline".
I know how to use a computer. Dear administration that I despise, please do not lie to me. Honestly...
It's unclear from the article where the file was actually stored. The first paragraph says "Google removed..", but later the article states that a "former student Googled a Columbia UNI".
That suggests the file was on a Columbia server, and that Google, in its searching, had indexed (and cached) it.
Anyone know?
Last month someone tapped into my checking account and completely emptied it. Now I think I know why...
Trust the system, trust the system. I'm tired of hearing that from Columbia.
Post new comment