Pennsylvania Medical Students Hit by Data Breach
Students' names, e-mail addresses and Social Security numbers were mistakenly made available online.
Hubbard-Bert, Inc., the benefits administrator for Pennsylvania's Lake Erie College of Osteopathic Medicine (LECOM), recently began notifying an undisclosed number of LECOM students that spreadsheets containing their personal information had been mistakenly made available online when a Hubbard-Bert test server was misconfigured (h/t SC Magazine).
The data breach was discovered by a LECOM student on April 24, 2014.
"Our investigation revealed that unauthorized access may have first occurred on April 20, 2014, and the test server had been misconfigured on April 14, 2014," Hubbard-Bert explained in the notification letter [PDF].
The information exposed in the spreadsheets included students' names, Social Security numbers, e-mail addresses, and in some cases, birthdates.
All those affected are being offered one free year of membership in Experian's ProtectMyID Alert service.
"We want to assure you that we are committed to the security of your personal information and are taking this matter seriously," Hubbard-Bert stated in the notification letter. "Accordingly we have implemented enhanced security protocols for all of our Web servers. Additionally, we are installing a new off-line Web server for all future testing purposes."
Photo courtesy of Shutterstock.