University of Florida has suffered another huge data breach, the third in three months. In the most recent data breach, the personal information of more than 97,000 students, staffers and faculty members was compromised.
That any organization should lose control of their constituents’ information three times in three months is shocking, but that all three of the data breaches should be the result of successful attacks by hackers is outrageous. Even more egregious is the fact that if you look backward in time beyond these three data breaches, you’ll see that this is the sixth data breach of University of Florida information in the last 15 months.
Six data breaches in 15 months! Details are as follows:
- November, 2007: The information of 534 former UF students was inadvertently posted on a website. Social Security numbers were included in 415 of the students’ records.
- May 2008: An assistant professor of plastic surgery gave away a laptop that contained the photos, names, dates of birth, Social Security numbers and Medicare numbers of 1,900 of his patients.
- June 2008: The personal information, including names, addresses and Social Security numbers of 11,300 current and former students was inadvertently posted on a website.
- November 2008: Hackers accessed the personal information of 330,000 dental patients. The compromised information included names, addresses, birth dates and Social Security numbers of patients who had dental work done at the College of Dentistry as long ago as 1990.
- January 2009: The Social Security numbers of 101 “users” might have been accessed because of a directory service configuration error. The University data breach notice provides no further details such as who the “users” were, or what other personal information might have been accessed.
- February 2009: 97,200 students, staffers and faculty members placed at risk of identity theft because the University of Florida allowed hackers to access personal information for the third time in three months.