More than 90 former Temple students were inadvertently put at risk for possible identity theft last month, according to a press release from SSNbreach.org.
“There isn’t much to be worried about,” said Robert Edamala, university privacy officer. “But we still take it seriously. This is students’ private information.”
Edamala said the information, which was accidentally released by a professor from the College of Science and Technology, included students’ first and last names, the last four digits of their Social Security numbers, some grade information, associated professors’ comments and the usernames and passwords for generic accounts.
With this type of information available, experts said identity theft is possible but would not be an easy feat.
“The way identity theft works is someone pretends to be you,” said Aaron Titus, the Liberty Coalition’s Information Privacy program director, who wrote the press release on SSNbreach.org.
“In order to do that, you need three pieces of information – Social Security number, name and date of birth,” Edamala said.
Neither Edamala nor Mark Freed, Temple’s chief information security officer, said the students affected were at a high risk for having their identities stolen.
“There are some smart identity thieves out there that will take the time to aggregate information,” Edamala said. “It takes a lot of motivation and a lot of computing power to do it, and there are very few people that actually invest the time to get that information.”
Several law department sources declined comment on any legal ramifications of the incident, but Edamala and Freed said Temple will not face legal issues.
“There would have to be some sort of material loss on the part of the student to even bring that up as an issue,” Edamala said.
Freed added, “If a Social Security number would be exposed inadvertently, then the university would have a responsibility to notify the student. In this case, the Social Security number was never exposed.”
All three experts recommended that everybody, especially those involved in incidents such as this, should check their credit regularly.
“Everyone is entitled to one free credit report per year,” Titus said.
Titus recommended FreeCreditReport.com for yearly credit checks. Edamala and Freed both recommended AnnualCreditReport.com.
Though this leak of personal information did not constitute a major social security breach, Edamala and Freed said they still want to use it to raise awareness.
“We’d like to use this as an opportunity to get the word out,” Edamala said. “We’d like to encourage people to, as a matter of habit, watch out for their identity information and make sure that they are using good practices to ensure their information doesn’t get misused.”
Morgan A. Zalot can be reached at firstname.lastname@example.org.