WSU Stolen Hard Drive Contained Over One Million People’s Personal Data

The stolen hard drive contained information such as Social Security numbers and personal health information.

WSU Stolen Hard Drive Contained Over One Million People’s Personal Data

The hard drive was kept in a safe in an off-campus storage container.

Washington State University is paying heftily after a backup hard drive containing personal data of over one million people was stolen.

A safe containing the backup hard drive was taken from an off-site storage container in Olympia on April 21. The hard drive belonged to the school’s Social & Economic Sciences Research Center (SESRC), according to Q13 Fox.

WSU released a statement following the incident, stating “The drive contained documents that included personal information such as names, Social Security numbers and, in some cases, personal health information. Entities that provided data to the SESRC include school districts, community colleges, and other customers.”

The hard drive contained data from 1998 to 2013, according to WSU spokesman Phil Weiler.

The school began mailing letters to those affected by the theft on June 9. They also set up a dedicated call center for any questions.

“We have no indication that the information on the hard drive has been accessed or misused in any way,” read part of the letter. “However, as a precaution, we are notifying you of this incident and offering you a complimentary one-year membership to Experian’s ProtectMayID Alert.”

The one-year membership of free credit monitoring will cost the school approximately $10 per person, according to the Seattle Times. Thus far, 8,367 people have accepted the offer, costing the school an additional $80,000.

The postage alone for the one million mailed letters will cost the school between $383,000 and $465,000.

Weiler says the school has a $150,000 deductible under its “breach response” insurance policy with Beazley USA.

The personal information was from individuals who participated in studies and evaluations conducted by the SESRC, according to the school.

However, some who received the letters claim to have never participated in any sort of study with the school, leaving them to wonder how the school could have obtained their personal information.

Tommy Bell is one of those people. “I went to Western Washington,” he said. “I attended Whatcom Community College. Maybe the schools shared it. I don’t really know.”

WSU said the reason it was able to access information such as Social Security numbers was due to the Family Education Rights and Privacy Act, which allows schools to conduct studies on behalf of public agencies.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

About the Author


Amy is Campus Safety’s Executive Editor. Prior to joining the editorial team in 2017, she worked in both events and digital marketing.

Amy has many close relatives and friends who are teachers, motivating her to learn and share as much as she can about campus security. She has a minor in education and has worked with children in several capacities, further deepening her passion for keeping students safe.

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety HQ