University of Florida notifies former law students about privacy breach

This sounds very much like the incident University of North Florida reported last month, but it’s a new/separate announcement from the University of Florida:

 University of Florida officials are notifying 220 former law school students and applicants who had sought a roommate online in the early 2000s through the Levin College of Law that their Social Security numbers were accessible on the Web.

Discovered in May, the information was removed immediately from the UF servers. Also, Google has since removed the files where the information was cached.

Roommate-matching software required Social Security numbers for access, but that information was not visible to anyone using the software or roommate database. The College of Law stopped using the software in the mid-2000s.

The university does not know whether the information was accessed for unlawful purposes. Florida law requires the university to notify individuals if a potential loss of personal identification information has occurred so that protective steps can be taken. Some guidelines to safeguard personal identification information is provided on UF’s privacy website at http://privacy.ufl.edu.

“It is regrettable that this instance occurred,” said Susan Blair, UF’s chief privacy officer. “We are working diligently to purge and protect the personal identifying information of our students and prospective students.”

Letters were mailed June 25 to nearly all of the individuals with personal information listed in the database, but contact information was not available for two law school applicants. Concerned individuals may call UF’s Privacy Office Hotline toll-free at 1-866-876-HIPA.

About the author: Dissent