Communications of the ACM
Error by Computer Science Employee Leaks Data on All Active Students
Human error caused a massive leak of personal information of all active students in California State Polytechnic University's College of Science.
The incident occurred Jan. 28 when a university employee within the Computer Science Department intended to send an email containing advising information for 940 computer science students.
Inadvertently, the employee also attached an Excel spreadsheet containing personal information of all 4,557 active students in the College of Science.
"It was a case of human error," says Tim Lynch, associate vice president for Strategic Communications. "It was somebody making an honest mistake. Significant mistake, I'm not minimizing that, but it was just an honest mistake. I have to know this person wishes more than anything to have taken it back."
Information including names, addresses, academic standing, CPP email, Bronco ID, gender, ethnicity, GPA, and other data was included in the spreadsheet, but no Social Security numbers or dates of birth were leaked, according to Lynch.
University officials found out about the leak because a computer science student who received the email contacted the Office of Admissions and Enrollment Planning around 30 minutes after the email was sent.
Action was taken within 40 minutes.
A Reddit user who downloaded the leaked data before the email was deleted created detailed infographics based on the data but omitted any individual identifiable student data.
From The Poly Post
View Full Article
No entries found