OXFORD, Miss. — Through a mass E-mail, the University of Mississippi Medical Center’s accounting department accidentally gave out the personal information for the majority of its student body.
The accounting department sent a mass E-mail to notify students about changes to the school’s health insurance. However, an attached spreadsheet contained the names, Social Security numbers, grade-point averages, race, gender, birthdays, addresses and phone numbers for nearly 2,300 students at UMC, The Clarion-Ledger reports.
Four minutes after the E-mail went out UMC officials began sending out recall E-mails within a course of 40 minutes, which deleted some of the messages. Roughly 190 of the university’s 2,279 student received the E-mail; of those, only 115 opened the message. It is unclear how many opened the spreadsheet.
University officials are considering offering free identity theft protection services to the campus community.
The recent incident is a violation of FERPA laws, which prohibits schools from releasing school records and identifying information without the permission of students or their parents. Additionally, the federal Privacy Act of 1974 requires public entities to have policies restricting when Social Security numbers can be disclosed.
Related Articles: