About 2,000 University students recently found out their names and social security numbers have been posted on a University Web site accessible to the public since fall 2006. The error was caught in July — nearly three years later — according to University spokeswoman Kristine Calongne. The names and social security numbers were displayed on a Web site managed by the University Writing Program in the College of Arts & Sciences. Calongne said the information was displayed online to alleviate scheduling conflicts for a certain course. A faculty member put the information on the Web thinking only other faculty members teaching the course could see the information, but the Web site wasn’t on a secure server, meaning anyone could access it. “The faculty member did not realize that the posting would be available to the public, and no one else with the University knew about the posting, which is why it was still online in 2009,” Calongne said in an e-mail to The Daily Reveille. Calongne said she could not comment on any disciplinary action the faculty member could be facing because it is considered confidential personnel information. Brian Nichols, Chief IT Security and Policy Officer, said this is the first time the University has dealt with a security issue like this. University Registrar Robert Doolos sent a letter on July 28 to the 1,963 students whose information was compromised, apologizing for the incident.
“We have no evidence that an unauthorized individual is maintaining or using your personal information,” Doolos said in the letter. So far, no incidents involving the students’ personal information have been reported. In 2006, the University was still using social security numbers as its primary way of identifying students on campus. The University switched to using a nine-digit student LSUID number starting with “89-” in 2007. Doolos said part of the reason for the switch was to better protect students against identity theft. “[An incident] is much less likely because we are using the LSUID as the primary identifier for students, faculty and staff in all of our systems and databases,” Doolos said. “We have cautioned faculty and staff, however, that LSUIDs are sensitive data.” He said the University is working hard to address any problems that may arise and encouraged students to register and use the free credit monitoring service, Equifax, at http://creditmonitor.lsu.edu.Students had a similar security scare in 2007 when financial aid records for TOPS scholarships — which included names and social security numbers — went missing.  A large number of students at the University have TOPS scholarships. The information was lost because of an error made during the transportation of the data between Port Allen and Baton Rouge. The driver of the truck containing the information was at fault and was fired, The Times-Picayune reported.—-Contact Kyle Bove at [email protected]