Kansas State University is notifying 45 students who were enrolled in an agricultural economics class in spring 2001 that some of their personal information was inadvertently exposed on the internet through a K-State departmental web site–underscoring the danger of using Social Security numbers as student identifiers.
The students whose information was affected were enrolled in AGEC 490, "Computer Applications in Agricultural Economics and Agribusiness," during the spring semester of 2001. Names, Social Security numbers, and grades of those students have been inadvertently exposed online since 2001, the university said.
University information security staff were made aware of the problem last week.
All data have been removed from the web site, and steps are being taken to prevent a repeat of the situation, officials said. Although there is no evidence that identity thieves have misused anyone’s personal information, the university is notifying the affected individuals of the situation and the steps they can take to protect themselves.
Besides supporting the affected persons, the university says it is implementing even more stringent network and server access controls and is taking steps to increase faculty and staff awareness of personal information security issues.
"Most importantly, we want to increase awareness among faculty and staff of the need to be vigilant protecting personal information, including Social Security numbers, in accordance with K-State policy," said Harvard Townsend, chief information security officer.
"We deeply regret this incident," Townsend said. "K-State takes the protection of the personal information of our students very seriously."
Like many universities, K-State has been phasing out the use of Social Security numbers as student identifiers, beginning with the elimination of these numbers from university ID cards in 2006. With the implementation of a new student information system last fall, the university eliminated Social Security numbers as student IDs.
Fred Cholick, dean of Agriculture, said personnel in the department of agricultural economics have contacted students involved and will help with any questions. K-State had posted information on preventing identity theft at http://www.k-state.edu/infotech/security/topics/idtheft.html.