idRADAR?reports that?San Diego State University (SDSU) recently began notifying 1,050 students who took part in SDSU’s Pre-College Institute in the past 22 years that their personal information had mistakenly been exposed in a database (h/t DataBreaches.net).
“The database was intended to be used only by Pre-College Institute employees, but it was misconfigured to enable any computer connected to the SDSU wired network, with the program FileMaker, to open it,” the notification letter [PDF] explains. “The SDSU wired network consists of offices, some labs and the library.”
The database held the 1,050 students’ names, Social Security numbers, birthdates, addresses and other personal information. As idRADAR notes, since the Pre-College Institute is for students in the sixth through 12th grades, most if not all of those affected were likely minors at the time.
While no credit protection services are being offered to those affected, all recipients of the notification letter are being advised to request free copies of their credit reports and to consider placing fraud alerts on their credit files.