UW-Madison Delays Notification After Data Exposure
Quick Facts
- Date: 1/16/2008
- Institution: University of Wisconsin, Madison
- Type of Incident: Unauthorized Disclosure
- Number Affected: 200
- Source: Pogo Was Right
- Abstract Source: The Capital Times
Abstract
The University of Wisconsin, Madison is just now alerting faculty and staff to a breach the university discovered in November. The breach exposed the e-mail addresses, phone numbers and Social Security Number-based university IDs of at least 200 faculty and staff members. This exposure only affected individuals that made purchases from the university's DoIT computer shop. UW-Madison legal counsel Nancy Lynch said the exposure was appears to be inadvertent. According to Brian Rust, UW-Madison's communications manager for the information technology department, UW-Madison delayed notification to ascertain the extent of the exposure and implement corrective controls. Rust also stated that the university complied with state law, which required notification within 45 days.
