Steve Litz reports:
Thousands of students at Florida International University are hoping their personal information is not used against them after being informed of a possible security breach of the university’s computer system.
An undergraduate education database containing 19,500 current and former students’ names, social security numbers, birth dates, and grade point averages was discovered to be unsecured when university officials found someone had typed a smiley face emoticon on the database’s internal website.
Students and alumni who took the College-Level Academic Skills Test and other standardized exams during a multi-year period were informed in letters that their personal details may have been “inappropriately accessed.”
Read more on NBC Miami.
This makes FIU’s fourth known incident. And of three previous incidents, an incident last year also involved a database that reportedly held 19,500 names, social security numbers, birth dates, and grade point averages.
So… was this the same database that was exposed last year?
And how many times does a university have to have a breach before they do a better job of protecting SSN? When, oh when, will we finally see the day when universities stop using SSN as identifiers and disconnect all legacy databases that still contain SSN from the internet?
h/t, DataLossDB mail list.