DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

UCF hit with potential class action lawsuit in Social Security hack

Posted on February 6, 2016 by Dissent

That was quick – but also interesting.  Sean Levin reports:

A former University of Central Florida student body president and member of UCF’s Board of Trustees filed a class action lawsuit against the university Friday after being victimized in UCF’s massive Social Security number hack.

The lawsuit was filed in federal court, in the Orlando division, one day after UCF admitted 63,000 Social Security numbers  of current and former students and staff were stolen.

Plaintiff Logan Berkowtiz alleges UCF failed to provide public notice of the breach until Feb. 4, despite “UCF having knowledge of the breach as early as December 2015.”

What’s particularly noteworthy (to me, anyway) is the attempt to hold UCF liable for violating FERPA. As most readers know by now, there is no private cause of action in the FERPA statute, but the plaintiffs are alleging violations of state law requiring compliance with FERPA:

Florida statutes mandate that all universities “shall comply with the FERPA with respect to the education records of students.”

Florida statutes authorize legal action against a university that “refuses to comply” with the state statute adopting FERPA, specifically stating a student “may be awarded attorney’s fees and court costs.”

Read more on ClickOrlando.com. I’m not sure how you argue that a breach is equivalent to refusal to comply with FERPA, but this will be an interesting case to watch.

Category: Education SectorHackOf NoteU.S.

Post navigation

← VA: Stolen University of Mary Washington laptop held SSN (UPDATED)
Gyft Notifies Affected Users of Security Incident →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • WestJet investigates cyberattack disrupting internal systems
  • Plastic surgeons often store nude photos of patients with their identity information. When would we call that “negligent?”
  • India: Servers of two city hospitals hacked; police register FIR
  • Ph: Coop Hospital confirms probe into reported cyberattack
  • Slapped wrists for Financial Conduct Authority staff who emailed work data home
  • School Districts Unaware BoardDocs Software Published Their Private Files
  • A guilty plea in the PowerSchool case still leaves unanswered questions
  • Brussels Parliament hit by cyber-attack
  • Sweden under cyberattack: Prime minister sounds the alarm
  • Former CIA Analyst Sentenced to Over Three Years in Prison for Unlawfully Transmitting Top Secret National Defense Information

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Anne Wojcicki Wins Bidding for 23andMe
  • Would you — or wouldn’t you?
  • New York passes a bill to prevent AI-fueled disasters
  • Synthetic Data and the Illusion of Privacy: Legal Risks of Using De-Identified AI Training Sets
  • States sue to block the sale of genetic data collected by DNA testing company 23andMe
  • AI tools collect and store data about you from all your devices – here’s how to be aware of what you’re revealing
  • 23andMe Privacy Ombudsman Urges User Consent Pre-Data Sale

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.