|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Max Hozven (mhozven
tealeaf.com)
Date: Wed Jul 23 2008 - 11:23:44 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
My guess is that many of these schools/etc are probably using different
software, but the common thread is that they all use the SSN's to
identify the students/etc internally (and are just careless about what
gets printed on the envelope).
In some cases, maybe they outsource the printing of the labels also (?),
sending database of who the students/etc to the outsourcing company.
-Max
-----Original Message-----
From: dataloss-bouncesattrition.org
[mailto:dataloss-bouncesattrition.org] On Behalf Of Kim Z. Dale
Sent: Wednesday, July 23, 2008 9:07 AM
To: datalossattrition.org
Subject: Re: [Dataloss] University of MD mails 24000 SSN on front of
envelope
It seems odd to me how many incidents of SSNs printed as part of a
mailing
address occur. Are all these places using the same software, or are
people
just that bad at mail merge? It seems like an odd thing to happen
across
multiple organizations.
-----Original Message-----
From: dataloss-bouncesattrition.org
[mailto:dataloss-bouncesattrition.org]
On Behalf Of Henry Brown
Sent: Wednesday, July 23, 2008 9:42 AM
To: datalossattrition.org
Subject: [Dataloss] University of MD mails 24000 SSN on front of
envelope
From The University of MD Independent Daily Newspaper
http://tinyurl.com/6j6rhv
Social security numbers of students registered for fall 2008 classes,
totaling nearly 24,000, were inadvertently printed on mailing labels for
a parking brochure, the Department of Transportation Services said in an
e-mail to students today.
"The University apologizes, and deeply regrets this unfortunate mistake.
We are taking aggressive steps to ensure that this does not happen
again. We strongly recommend that you take appropriate precautions to
mask, black out, or destroy this document after use," said the e-mail,
signed by DOTS Director David Allen.
The mailings were sent July 1, but the mistake was not discovered until
July 8, when students began calling DOTS to complain, according to a
website set up by DOTS specifically for this incident. The website can
be found at http://www.transportation.umd.edu/parkingmailer/.
The university is not aware of anyone's social security number being
misused, added DOTS in the e-mail.
The university will offer free Equifax reports to affected students, at
a cost to the university of about $23 a person, said Vice President for
Student Affairs Linda Clement. With Equifax, the students can monitor
their credit or place a fraud alert on their account.
Clement explained that when a DOTS employee collected names and
addresses for the brochure, social security numbers and e-mail addresses
would have appeared in the search, but were supposed to be removed from
the labels. DOTS saw the e-mail addresses on the labels but didn't
identify the social security numbers because they were not separated by
the typical two dashes, she said.
The incident is under investigation and the person involved has not been
fired, Clement added. The delay in notifying students was due to the
legal office negotiating a deal with Equifax.
"We sincerely regret it," Clement said. "This is just an awful
situation; we're trying to do everything we can to mitigate it."
A letter explaining the situation and offering remedies will be sent to
students Friday or Saturday, said Ann Wylie, the university president's
chief of staff.
"We were horribly upset that this happened," she said. "It was a human
error."
_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss
Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor
your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml
_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss
Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor
your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml
_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss
Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]