HIGHLIGHTS
UD called 'epicenter' of 2008 presidential race

Refreshed look for 'UDaily'

Fire safety training held for Residence Life staff

New Enrollment Services Building open for business

UD Outdoor Pool encourages kids to do summer reading

UD in the News

UD alumnus Biden selected as vice presidential candidate

Top Obama and McCain strategists are UD alums

Campanella named alumni relations director

Alum trains elephants at Busch Gardens

Police investigate robbery of student

UD delegation promotes basketball in India

Students showcase summer service-learning projects

First UD McNair Ph.D. delivers keynote address

Research symposium spotlights undergraduates

Steiner named associate provost for interdisciplinary research initiatives

More news on UDaily

Subscribe to UDaily's email services


UDaily is produced by the Office of Public Relations
150 South College Ave.
Newark, DE 19716-2701
(302) 831-2791

Public Safety reports computer security breach

8:53 a.m., May 23, 2006--A recent security breach involving a University of Delaware Department of Public Safety computer server has resulted in the possible exposure of names, Social Security Numbers and driver's license numbers.

James J. Flatley, UD director of public safety, said the breach consisted of an intrusion into the server that hosts the department's main records management system.

It appears that the intruders were interested in copying at least some of the information in the database, Flatley said, and therefore it is possible that information that could lead to identity theft is in the hands of an unauthorized person.

Flatley said the security breach was discovered April 8, and the department immediately implemented its cyber incident response plan. Also, the department is conducting a full criminal investigation of the incident that involves the Delaware State Police and the FBI.

The University's policy is to notify all individuals if their personal information may have been compromised following such incidents, and a letter has been sent to everyone whose personal information may have been compromised. The letters inform them of the breach and share information on how to combat identity theft. It is unknown whether any personal information was actually acquired in this case.

In all, 1,076 letters have been sent, Flatley said.

Individuals with concerns about identity theft may visit a special web site prepared by Information Technologies at [www.udel.edu/security/identitytheft.html].

UD's Office of Information Technologies has conducted a campuswide campaign to help departments protect sensitive personal nonpublic information (PNPI), such as Social Security and credit card numbers. Every University department was visited and advised about proper security for stored PNPI.

Information Technologies staff also stressed collecting such information only when required and reiterated the responsibility of each employee to follow UD policy, Delaware laws and federal laws and regulations for the processing and safekeeping of confidential, personal information.

"In every department, those individuals who are responsible for maintaining records must understand that they are responsible for assuring compliance with the Family Educational Rights and Privacy Act (FERPA) and other laws that govern the use of PNPI,” Susan Foster, vice president for information technologies, said.

“This includes not only the proper use of PNPI but the responsibility to secure systems in which it resides,” she said.

Although the University has moved away from using Social Security Numbers as identifiers, some older databases that University departments and units set up in the past may still have such information.

Information Technologies has posted guidelines aimed at helping departments secure PNPI and make sure they are in compliance with the University policy and the law. Those can be found at [www.udel.edu/ssn/guid.html].

The guidelines direct departments to ensure the privacy of PNPI by encrypting electronic transmissions, not storing PNPI locally and protecting PNPI when working from home or outside the University.

Members of the University community with questions about uses of PNPI should call the Information Technologies Help Center at (302) 831-6000 or send email to [consult@udel.edu].

Additional information is available at these sites:

 E-mail this article

  Subscribe to UDaily

  Subscribe to crime alert e-mail notification