There seems to be a new data breach reported every week, and a growing number of them are taking place on the college campus.
This week is no different with separate reports of compromised student data coming from Michigan’s Grand Valley State University and Johns Hopkins in Maryland.
At Grand Valley State, officials suggest that student social security numbers were not accessible last week after a university vendor accidentally posted a list of names, addresses and internal ID numbers online – a list of more than 10,000 students. That information was made accessible on the Kent Communications, Inc. website, a company that provides mailing services for GVSU.
Grand Valley State officials revealed that as many as 300 of the 10,000 students affected by the data breach contacted the university after receiving an email about the incident. In the time since the breach, students have been given the option to change their student ID number, but none have taken that option yet.
In addition to their student ID number, students also need a password to access their GVSU information, meaning that an ID number alone wouldn’t provide access to a student’s account information. GVSU will, for the time being, continue its partnership with Kent Communications.
Meanwhile, CBS Baltimore is reporting that a mistake at Maryland’s Johns Hopkins University has jeopardized the personal data of former students. University officials have revealed that a Johns Hopkins employee mistakenly loaded files onto a server, accessible by the Internet, with the names and Social Security numbers of 2,166 graduate students.
Officials with the university insist that the files were intended for internal server, but that the Social Security numbers of students attending the Homewood campus from 2007 to 2009 were affected.
The mistake was caught quickly and the files were immediately taken offline. A security audit has also been conducted in the time since the mistake, revealing that no other files have been found on the Internet.
Johns Hopkins joins its neighbor, The University of Maryland at College Park, who experienced a similar breach on a larger scale. In that attack, the names and Social Security numbers of more than 280,000 students, alumni and staff were obtained by hackers.