Thousands of students who never even applied to Auburn University have had their personal information, including Social Security numbers, exposed due to a security flaw.
Information about 364,012 current, former and prospective students was accessible online between September 1st 2014, and March 2nd 2015. “The exposure resulted from configuration issues with a new device installed to replace a broken server,” a statement on the university website reads. “After securing our server, we implemented additional network security measures.”
Exposed data includes names, addresses, email addresses, birth dates, Social Security numbers and academic information. The Alabama university had a 2014 enrollment of 25,912 students, but the pool of prospective students caught up in this incident is perhaps the most startling aspect of the breach.
Investigators working with Auburn have not identified any incidents of data abuse related to this breach, according to the university statement.