Data Theft of 38,000 Georgetown University Students, Staff, Faculty Members

The theft of a computer disk from a locked room at Georgetown University in Washington has potentially exposed the Social Security numbers and other personally identifiable data of about 38,000 current and former students, faculty members and staffers between 1998 and 2006.

A university statement said the drive was stolen from an office within the university’s Office of Student Affairs on Jan. 3. The unencrypted disk apparently was used to back up a computer that contained billing information for various student services, according to a story in the campus newspaper The Hoya.

A letter sent to alumni affected by the theft said that since the files “related to a range of cross-campus student financial transactions processed through the Office of Student Affairs, it pertained to students enrolled at the main, medical and law school campuses.” No financial information was stored on the hard drive, the letter noted.

The university is also offering all affected individuals free credit monitoring for one year.

This is not the first time. In March 2006, another security breach at Georgetown University resulted in the names, dates of birth, and social security numbers of 41,000 people, many of which may be elderly. The university had been hosting the data on behalf of the District of Columbia’s Office on Aging (DCOA).

Related Links:

• 2008 incident: Data breaches probed at New Jersey Blue Cross, Georgetown
• 2008 incident: Data Thieves Hit Georgetown University Students, Faculty
• 2006 incident: Georgetown University Data Breach
• More articles about careless organizations that allow data to be stolen…