The University’s Information Technology Services Incident Response Team and the Division of Facilities Services should be applauded for its timely and extensive response following the discovery of a security breach that occurred in late July.
On July 30, the information of more than 6,000 UNC students, employees and vendors was made publicly accessible due to the accidental disabling of safeguards protecting the files during maintenance of a computer. The information, which was removed from public access once the breach was discovered in late November, included Social Security numbers, names and addresses.
This was an extremely serious error, and steps should be taken to pinpoint those responsible for it. Nonetheless, the people affected by this incident should know they are well-protected thanks to the University’s swift response over the past few weeks.
After immediately removing all access to the information online, the University sent letters to each individual affected. A call center and email address were set up so that people could get quick answers to questions about the incident.
Perhaps the most substantial step taken by the University has been to offer a year of free credit monitoring for those worried that their personal information is at risk. The ITS website includes extensive suggestions for how people can continue protecting their identity.
The security breach has prompted the University to begin a thorough data remediation process. ITS is working with various schools and departments to delete any information that is not needed on file and to de-identify necessary information so that it cannot be connected to an individual.
Despite the severity of this blunder, individuals should be thankful for the careful, detailed response taken by the University.
