A stolen storage device containing the names, social security numbers and other personally identifying information of more than 7,000 Rice University students and staff members was stolen last month in the latest security breach at a major American university.
Rice University officials are in the process of investigating the device's theft and notifying all affected students and employees. For now, the university is offering free credit-monitoring services and reviewing its internal security procedures to prevent future thefts and security breaches.
"We apologize for this incident and for any inconvenience or problems it may cause," university officials said an alert posted on the university's website. "Rest assured that we are taking steps to prevent it from happening again. And we appreciate your understanding and vigilance."
The alert said the device contained information involving roughly 7,250 faculty, staff, students and retirees. One of the files contained a list of Rice employees and students on the university's payroll as of January 2010. The file included names, addresses, birth dates, salaries, emergency contact information and employee identification numbers.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
Another file hosted some social security numbers, mostly of university employees, the school said.
Thus far, there's no evidence that any employee or student data was for nefarious purposes, officials said.
Rice joins a long list of U.S. colleges and universities that have been plagued by a variety of security breaches, usually as a result of the theft of a laptop computer or portable storage device.
Just last week, officials at the City College of New York warned 7,000-plus students that their data had been exposed after a laptop was swiped from a university office.
Rice University officials said local law enforcement working the school's police department is in the process of investigating the theft.
Follow eSecurityPlanet on Twitter @eSecurityP.