Treasure Valley Community College (“TVCC”) has become aware of a data security incident that may have involved the personal information of certain TVCC community members. TVCC is offering complimentary credit monitoring services to them.
On August 25, 2020 , TVCC learned that unauthorized access to an employee email account had by an unknown person may have exposed personal information about members of the TVCC community. The information may have included student ID numbers, Social Security numbers and dates of birth. It is possible that the access to the email account could have happened between June and December, 2019.
TVCC made an effort to contact every affected individual. Unfortunately, TVCC did not have address information for a subset of individuals whose dates of birth and student ID numbers were involved.
While TVCC is not aware of the misuse of any information impacted by this incident, TVCC is offering complimentary credit monitoring services to affected individuals and providing information about steps they can take to protect their personal information. If you believe you may have been affected by this incident, you can contact our call center to sign up for protection.
The toll-free call center is available to answer questions about the incident and to help the affected persons enroll in complimentary credit monitoring services. The call center is available Monday through Friday from 8:00 a.m. to 8:00 p.m. Central Time and can be reached at calling 1 (833) 754 1360.
TVCC deeply regrets any concern or inconvenience this issue may have caused and is taking affirmative steps to prevent a similar event from occurring in the future.
View original content: http://www.prnewswire.com/news-releases/treasure-valley-community-college-notifies-consumers-of-data-security-incident-301199086.html
SOURCE Treasure Valley Community College
Note that the notice on TVCC’s web site provides slightly different details, including an explanation as to the attacker’s probable motive. You can read their web site notice with its FAQ here.
Neither version explains how they first became aware of the breach so long after it presumably occurred.