Return to Previous Press Release
Enter your name and a friend's email address in the fields below and click "Submit" to email this Press Release to a friend.
Your message will look like this:
[YOUR NAME HERE] thought you might be interested in this story from the University of Rochester.
MEDIA CONTACT: Sharon Dickman sdickman@rochester.edu
585.275.4128
June 29, 2006
The University of Rochester has informed 286 graduates about an unintentional public disclosure of their Social Security numbers and some pre-college standardized test information. Two spreadsheets with limited personal information were discovered this month on a publicly accessible Web page maintained by the University.
University network records revealed that the first public access through University servers occurred June 12, 2006, when a University of Rochester graduate spotted her name on a list of former students with identifying numbers. She reported it to the University on June 15, and the material was removed immediately.
The University found that the Web page also was made accessible through the automated cache provided by the Google search engine. Google has removed the information from its files.
"The University of Rochester takes information security very seriously and seeks to prevent occurrences like this, and we sincerely regret this error," said a letter mailed to the graduates on June 27. Most of the students involved have graduated from the University of Rochester.
The error occurred when a faculty member was backing up computer files to a directory and did not realize that the material would be Web accessible. The University has determined that the files were first indexed by Google in mid-2005. Evidence showing minimal access to the data on the University's network indicates a low likelihood of access to the Google cached version as well. Google has not provided information about access to its cached version of the page.
New York State law requires the notification of individuals whose information may have been compromised, even in instances where the likelihood of exposure is fairly low. The incident also must be reported to the New York State Attorney General, the Consumer Protection Board, and the Office of Cyber Security. Some Frequently Asked Questions about this accidental disclosure as well as information on preventing and responding to security theft can be found at www.rochester.edu/ITS/security/resources/id_theft.html.
Inquiries can be made to Sharon Dickman at the University Office of Communications at (585) 275-4128 or e-mail sdickman@rochester.edu.
The University of Rochester (www.rochester.edu) is one of the nation's leading private universities. Located in Rochester, N.Y., the University gives students exceptional opportunities for interdisciplinary study and close collaboration with faculty through its unique cluster-based curriculum. Its College of Arts, Sciences, and Engineering is complemented by the Eastman School of Music, Simon School of Business, Warner School of Education, Laboratory for Laser Energetics, Schools of Medicine and Nursing, and the Memorial Art Gallery.
PR 2563, MS 998