University of Kentucky
Kentucky Discovers Two Incidents On The Same Day
Quick Facts
- Date: 08/15/2006
- Institution: University of Kentucky
- Type of Incident: Unauthorized disclosure
- Number Affected: 710
- Source: Attrition.org
- Abstract Source: WKYT Kentucky (Attrition.org Archive)
Abstract
Student information, including Social Security numbers, was accidentally posted to a University of Kentucky e-mail list. This information, a list of 630 students receiving financial aid information, continued student names and SSNs, which UK still uses as student ID numbers. UK has a plan in place already to stop using Social Security numbers in October of this year. Jay Blanton, a PR specialist for the University, calls the mistake regrettable and says students have been notified.
On this same day, UK discovered an incident at the University's Department of Geography that involved personal information on 80 students.
Stolen USB Drive Contained 18 Years of Student Information
Quick Facts
- Date: 6/22/2006
- Institution: University of Kentucky
- Type of Incident: Theft
- Number Affected: 6,500
- Source: Attrition.org
- Abstract Source: The Kentucky Kernel
Abstract
The University of Kentucky is alerting 6,500 students that their personal information is at risk after the recent theft of a USB flash drive containing class rosters from a classroom. UK estimates this 4GB drive contained up to 130 files containing UK School of Human and Environmental Sciences class rosters dating from 1988 to 2006. These rosters contained student names, grands and Social Security numbers, which UK uses as student IDs. The university is currently phasing out the use of SSNs as student IDs, a plan that will be complete by October.
Current and Past University of Kentucky Employee Data Exposed Online
Quick Facts
- Date: 6/1/2006
- Institution: University of Kentucky
- Type of Incident: Unauthorized disclosure
- Number Affected: 1,300
- Source: Attrition.Org
- Abstract Source: Kentucky.com
Abstract
The University of Kentucky sent out a memo to over 1,300 current and past employees about the possibility of unintended information exposure. It seems that a spreadsheet containing employee information, including Social Security numbers, was accessible via the Internet. Once UK was notified of this issue, the file was removed immediately. The University of Kentucky does not believe that this information was accessed by any unauthorized individuals but is urging the employees to closely monitor their financial statements for unexpected behavior. The university is in the process of implementing a new computer system to help reduce the chance of a repeat occurrence.
