Nathan Crabbe of The Gainesville Sun reports that in addition to the breaches that recently made the news, UF has had four cases of ID theft resulting from breaches. During a committee meeting of university trustees at which they passed federal rules intended to prevent identity theft, UF Chief Privacy Officer Susan Blair described the ID theft cases that were unrelated to hacking:
A 2008 case in which police indicate that an ID thief used a stolen identity to secure a job in human resources with the university. During his five months’ employment with the university in 2006, he had access to employee records that he was responsible for scanning in to the system. At least one UF employee had his information misused to obtain fraudulent student loans.
Three other cases involved medical records: one involving information of a patient at UF’s Orthopedics and Sports Medicine Institute, one involving medical ID theft where the victim was a member of the military, and a third, unspecified case involving medical records.
Blair noted that the UF was getting somewhat of a reputation and its breaches had been a topic of conversation at a national conference. “We are starting to have … quite a reputation in the university community,” she said.