Laura Diamond reports:
University of Georgia officials are investigating how personal data on nearly 19,000 employees was publicly available on a university web site since at least 2008.
[…]
The database was created for internal purposes and included the Social Security number, date of birth, employee name and other sensitive information for everyone who was working for the university in 2002. That includes faculty, staff and students who worked for the college, Jackson said.
Read more on AJC.
Yes, it would be good to investigate how it got there. And then investigate how it wasn’t detected for so long.
UPDATE: The school has posted a notice and FAQ on the incident. From the FAQ:
The file, created for legitimate internal administrative purposes, was accessible on the web from 2008 to 2011, and possibly dating back to 2002. The file included the social security number, name, date of birth, date of employment, sex, race, home phone number and home address of individuals employed at UGA in 2002.