DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Tyler Junior College data leak exposed housing applicants’ Social Security numbers and dates of birth

Posted on March 1, 2014 by Dissent

I’ve occasionally commented that consumers shouldn’t have to go to the media to get a breach or data leak addressed. Neither should students, but that’s what happened this week to Kierra Perry.

Perry applied to Tyler Junior College in Texas. As part of the process, she also applied for housing and completed the background check information. But when she went to verify the status of her application Thursday, using the “A number” userid assigned to her and her login password, she not only saw her documents, but was able to view other applicants’ background check forms, too. Those forms revealed others’ names, addresses, dates of birth, Social Security numbers, Driver’s License numbers with expiration dates, as well as current and previous addresses. There was also a question that asked applicants whether they had ever been convicted of any crime or had charges pending against them. Copies of two applicants’ forms were sent to DataBreaches.net as evidence of the leak, but to protect the students’ privacy, they will not be reproduced here.

Alarmed by what she saw, Perry says she attempted to contact the Housing Administration to alert them to the problem on Thursday, but tells DataBreaches.net she was not allowed to speak with a supervisor and the person she spoke to “did not see any urgency regarding this situation.” She also sent an email to the college’s administration and called them. According to Perry, someone in college administration told her they were aware of the problem. Perry says she also contacted the state’s Consumer Protection Division at the Texas Attorney General’s Office to alert them to the data leak. But no one from TJC responded to her email, and when she checked on Friday by logging in again, the data were still leaking.

“My concern is if I could see their information, who was viewing mine? And why is it that no one notified us once they became aware of the situation?”

Frustrated at the lack of response, Perry contacted DataBreaches.net. As is this site’s policy when there is a live breach, I called the college, told the switchboard operator the nature of the problem, and was put through to the executive offices and then the CIO’s voicemail, where I left a message with my number. I then called the IT Helpdesk, as the CIO’s voicemail suggested for urgent matters. I explained the situation to a member of the IT staff, confirmed that he was immediately escalating the matter to the IT manager, and asked them to call me back to let me know when the data were secured.

Shortly thereafter, Ms. Perry informed DataBreaches.net that the data leak was no longer evident.

No one from Tyler Junior College called DataBreaches.net back yesterday or this morning, however, so we do not know how the breach occurred and whether they intend to contact everyone whose data were exposed. Nor do we know how many applicants’ data were exposed to others or for how long the situation existed. Hopefully, TJC will do the right thing, and local media in Texas might want to follow up with the college to get more details and to find out what they’ve done in response to this breach.

For her part, Ms. Perry has changed her mind about attending TJC as a result of this breach, and has requested that TJC refund the non-refundable $100 application fee because the college failed to secure her information.

“I was very interested in Tyler as my school of choice but now am very concerned on how my information will be shared,” she tells DataBreaches.net.

Her concern is very understandable.

Category: Education SectorExposureU.S.

Post navigation

← Cybersecurity in the Golden State: How California Businesses Can Protect Against and Respond to Malware, Data Breaches and Other Cyberincidents
Commentary: Repeated insider breaches at TD Bank should trigger federal regulator investigation (update 1) →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Central Maine Healthcare tackles suspected cybersecurity issue; hospitals remain open
  • Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed
  • Beyond the Pond Phish: Unraveling Lazarus Group’s Evolving Tactics
  • Akira doesn’t keep its promises to victims — SuspectFile
  • Fraudsters, murderers, students: who the GRU assembled a team of hacker provocateurs from and why it failed
  • Order of Psychologists of Lombardy fined 30,000 € for inadequate data security protection and detection following ransomware attack
  • Lower Merion School District says a data breach was caused by a computer glitch (1)
  • After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
  • Junior Defence Contractor Arrested For Leaking Indian Naval Secrets To Suspected Pakistani Spies
  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Stewart Baker vs. Orin Kerr on “The Digital Fourth Amendment”
  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.