Auburn University released a statement that the Social Security numbers of 364,012 people as well as other identifying information was accidentally made accessible to the public online. According to the University, that information was open to anyone from September until March 2. Aside from Social Security numbers, the other identifying information that was made available included names, birthdays, physical addresses and academic information.
Auburn University stated that it was “unaware of any attempted or actual misuse” of the publicly made information, however the University finally decided to take precautions by mailing out warning letters to current and former students.
Auburn also mailed letters out to people who never attended or even applied to the University as hundreds, possibly even thousands, of people who never had any intention of being a part of the University may have been a part of the data leak. Specifically, students who had taken the ACT or SAT prior to 2007 could potentially have had their information compromised.
Part of the recruitment process by Auburn includes purchasing the personal information of students who have taken the ACT and/or SAT so recruiters can send information to admissions prospects.
While the current information includes name, address, email address, date of birth, high school, year of graduation, intended college major and occupational choice, prior to 2007, Social Security numbers were included.
Auburn has stated that no credit card, banking or financial account information was involved in the breach.
The University said it’s providing victims of the leak free two-year credit monitoring only out of “an abundance of caution.”