The Social Security numbers and bank account data of approximately 350,000 University of North Carolina Charlotte (UNCC) students, faculty and staff has been publicly exposed, some for more than a decade, the University said.
Affected parties were notified in a May 9 press release explaining that confidential information from "general university systems" was accidentally made public for approximately three months before being discovered and reported in February. This personal, sensitive data includes names and addresses as well as Social Security numbers and financial account information.
Another incident caused by the data breach resulted in information from The William States Lee College of Engineering being publicly accessible over the Internet for "a period exceeding a decade."
Both breaches were caused by an IT official who misconfigured a server during an upgrade, UNCC spokesman Stephen Ward told Charlotte's WCNC. UNCC said it has fixed the error.
This cybercrime snafu adds UNCC to the long list of colleges and corporations who've had the misfortune of informing their students and staff that their confidential data was improperly protected. Most recently, Columbia University notified its campus community that a programming error had resulted in the exposure of 3,000 employees' names, addresses, bank account numbers and Social Security numbers.
Although UNCC said it has "no reason to believe that any information from either of these incidents was inappropriately accessed or that information was used for identity theft or other crime," it is offering free credit fraud alerts to those affected to warn them in the event anyone misuses their financial data.