Quick Facts

• Date: 7/6/2010
• Institution: University of Florida
• Type of Incident: Unauthorized Disclosure
• Number Affected: 2,047
• Source: ESI
• Abstract Source: University of Florida News Release

Abstract
University of Florida officials recently notified individuals after letters about a research study contained personal information on the labels. The letters, inviting individuals to participate in a College of Medicine’s Department of Epidemiology and Health Policy Research research study, contained the names, and Social Security numbers or Medicaid identification numbers of 2,047 individuals. The personal information was accidentally included on the mailing labels affixed to the letters. Instead of personal information, the labels were supposed to include randomly generated numbers to help a telephone survey company verify interested participants. The survey company, Macro International Inc has made plans to purge the personal information from their systems. In total, 647 labels included Social Security numbers and the rest contained Medicaid identification numbers.

Quick Facts

• Date: 6/30/2010
• Institution: California State University, San Bernardino
• Type of Incident: Unauthorized Disclosure
• Number Affected: 36
• Source: ESI
• Abstract Source: The Desert Sun

Abstract
California State University, San Bernardino recently began notifying some student after personal information was discovered online. A class roster from one computer science and engineering course made public through the university's web server contained the names and Social Security numbers of 36 students. The information was found on June 10, 2010 and removed as soon as the university became aware of the file.

Quick Facts

• Date: 6/22/2010
• Institution: Florid International University
• Type of Incident: Unauthorized Disclosure
• Number Affected: 19,000
• Source: ESI
• Abstract Source: FIU News

Abstract
Florida International University recently began notifying faculty and students after a unsecured database was found to contain personal information. The database, part of FIU's College of Education, contained the names, GPAs, test scores and Social Security numbers of over 19,000 students and the names and Social Security numbers of 88 faculty. While FIU has not found any evidence that the information was accessed, they urge those affected to monitor their credit reports.

Quick Facts

• Date: 6/1/2010
• Institution: University of Louisville
• Type of Incident: Unauthorized Disclosure
• Number Affected: 708
• Source: ESI
• Abstract Source: Business First of Louisville, WFPL

Abstract
The University of Louisville recently announced the accidental exposure of patient information to the Internet. The web site, belonging to the university's Kidney Disease program, contained the names, Social Security number and medical information on 708 patients. The information was available through the web site from October 1, 2008 to May 17, 2010. According to officials a programming error caused the information to become exposed to the Internet without any need for a password or login. The site has been removed and the University is offering one year of credit monitoring for the individuals affected. Individuals with questions can contact the U of L Kidney Disease Program at 502-852-0785.

Quick Facts

• Date: 4/28/2010
• Institution: Montana Tech of the University of Montana
• Type of Incident: Unauthorized Disclosure
• Number Affected: 260
• Source: Data Loss DB
• Abstract Source: Billings Gazette

Abstract
Montana Tech recently notified former students after an email attachment containing personal information was sent out. The email, sent to faculty, staff and students, contained the names, Social Security numbers and some birth dates for 260 students that had performed research projects between 1998 and 2005. In the letter to the individuals affected, Montana Tech is offering to pay the $9 credit freeze fee.