AUBURN, Ala. – Friday, Auburn University reported the personal information of current, former, and prospective students was accidentally left exposed from Sep. 2014 to March 2015.
The university said the records involved include some combination of name, address, email address, birth date, Social Security number, and academic information. No payment card, bank, or financial account information was involved.
Auburn University discovered the records were publicly accessible on March 2, 2015. In a press release, the university said the exposure happened after a broken server was repaired. After an internal investigation, they believe the data was publicly accessible between Sept. 1, 2014, and March 2, 2015. After securing the server, additional network security measures were put in place.
The university said there is no evidence of any misuse of the personal information. University officials will contact each individual whose information was included in the exposed records by mail and will be offered two free years of credit monitoring and identity protection and restoration services. A confidential assistance telephone line has been established and additional information about this incident, security tips and resources are being made available online at http://www.auburn.edu/itsecurity.
The university provided these two links for additional information:
- Frequently Asked Questions about this incident
- Data Security Tips available on the Auburn IT webpage