Personal information Western Connecticut State University kept over a 13-year span on students and their families, as well as high school students, might have been exposed to unauthorized access between April 2009 to September 2012, school officials are warning.
A computer system vulnerability potentially exposed information, including Social Security numbers, of about 235,000 people whose records the university collected, according to a news release from the university.
The affected group includes students, their families, others associated with the university and high school students whose SAT scores were purchased in lists, according to school officials.
WCSU has found no evidence that there was inappropriate access, but the university is offering up to two years of ID theft protection.
“We are disappointed that the potential existed to have these records exposed but we will do everything we can to protect our students, their families and others with whom we have worked,” WCSU President James W. Schmotter said in a statement. “The steps we are taking and the solutions we are offering to every one of those affected are designed to address any problems this situation may have caused.”
The school learned of the vulnerability on Sept. 26 and Schmotter immediately activated the Board of Regents security incident response plan, according to the school.
If you were affected, you will receive a letter explaining the protection being offered, according to the school. Western has also set up a searchable database that contains the names of all affected individuals. Instructions can be found at www.wcsu.edu/securityincident.
The school said it re-mediated security vulnerabilities campus-wide, increased security and has informed the Connecticut Attorney General’s office.
WCSU and AllClear ID have set up a hotline at (855) 731-6012 to answer questions from those affected. The hotline will be staffed from 9 a.m. to 9 p.m., Monday through Saturday.