University of Iowa Engineering Dpt. Exposes 215 Student SSNs OnlineFOR IMMEDIATE RELEASE: February 4, 2008
Media Contact: Aaron Titus
IOWA CITY, Iowa. The College of Engineering Student Development Center posted personal information of 321 University of Iowa students on its website, including 215 social security numbers. The Excel file also included names, GPAs, e-mail addresses, student ID numbers, and other academic information. Most of the affected students appear to be seniors who applied for graduation in Spring 2006. By placing this information online, the University of Iowa has put these students at extreme risk of identity theft or other forms of fraud.
The file was created on February 27, 2006, and placed online on or before March 15, 2006. According to the web server, it was on University of Iowa's servers for almost two years without internal detection. It was one file among course listings and curriculum information for the College of Engineering.
Individuals affected by this exposure should immediately visit www.nationalidwatch.org and search for their names, to confirm what types of personal information were exposed. NationalIDWatch.org has a list of recommended steps victims should take.
National ID Watch is a search engine for personal information breaches. Sponsored by the Washington, DC non-profit Liberty Coalition, NationalIDWatch.org provides more than a million free personalized Identity Exposure Reports™ as a public service.
Each Identity Exposure Report (IXR) documents what types of personal information were exposed (such as Social Security Numbers, Birth Dates, Addresses, etc.), without revealing them. Each IXR also details the situation surrounding each exposure, and contact information of those responsible for the breach. Armed with this information, victims can further investigate, take action, or correct harm.