Access privileges error on Chapman University file allowed viewing of file with sensitive student information
On February 15, officials at Chapman University were informed that a document that should have been secured was available to authorized logged in system users who were not authorized to see that document . The university immediately secured the document by correcting the access privileges, and on February 22, notified the New Hampshire Attorney General’s Office that 15 New Hampshire residents were among those who had sensitive data on the exposed document.
According to their letter, information in the file included students’ names, Social Security numbers, student ID numbers, and financial aid information of those who applied for financial aid for the 2009-2010 academic year.
An investigation by the university indicated that only a ‘few’ system users had accessed the document.
All individuals who had their information in the file were notified by letter on February 22 and offered free credit monitoring services.