Fla. College Breach Affects 280,000
50 Cases of Identity Theft Confirmed
A data breach at Northwest Florida State College has affected nearly 280,000 students and employees, exposing their sensitive information. The incident has led to 50 cases of identity theft, the college reports.
See Also: LIVE Webinar | Stop, Drop (a Table) & Roll: An SQL Highlight Discussion
The college announced on Oct. 10 that an investigation into a breach of the college's computer systems revealed that student and employee data had been compromised by an unauthorized external party.
On Oct. 8, Northwest Florida State College first reported that only 3,200 employees had been affected by the breach, which occurred from May 21 until Sept. 24. One or more hackers accessed one folder on the main server, which had multiple files on it, according to the college. Employee information compromised included name, Social Security number, date of birth and direct deposit account numbers.
The hackers were able to piece together enough information to engage in identify theft affecting at least 50 employees, according to a letter sent to those affected.
In some cases, the thieves used PayDayMax and Discount Advance Loans, cash advance businesses, to take out personal loans that are repaid by debiting a bank account. Also, the thieves applied for a Home Depot credit card in a college employee's name and then proceeded to use it to make purchases, the college said.
Breach Impact Grows
Further investigation revealed that 76,500 current and past students of the college, as well as about 200,000 Bright Futures scholars across the State of Florida, also were affected.
Compromised Northwest Florida State student information includes name, address, birth date and Social Security number. The exposed Bright Futures scholars data includes names, Social Security numbers, dates of birth, ethnicity and gender for all eligible students during the 2005-06 and 2006-07 academic years.
Cristie Kedroski, vice president for college advancement at Northwest Florida State, declined to provide further details because the investigation is ongoing.
The college is not yet offering free credit monitoring services, Kedroski says, noting that officials are looking into the expense.
The incident is being investigated by the Okaloosa County Sheriff's Office cybercrimes unit, with assistance from the Florida Department of Law Enforcement.
The college is recommending that affected individuals who suspect improper use of their Social Security number should contact the Federal Trade Commission. It's also advising them to place a fraud alert on their credit files using Experian, Equifax or TransUnion. Affected individuals should call the local sheriff's office and file a police report if identity theft occurs, the college recommends.
Further information about the incident is available on the college's website.
