An unencrypted laptop with access to sensitive information about some 2,000 employees and dependents was left on a city bus in late March. The university has notified at-risk individuals.
(TNS) —Seattle University is warning that the names and Social Security numbers of more than 2,000 people could be exposed after a university-issued laptop was lost last month.
Files containing information for 2,102 current and former faculty, staff and their dependents are accessible from the unencrypted laptop, which a university employee lost on a King County Metro bus on March 26, according to a statement from the university.
A few days later, the employee alerted university officials, who notified Metro and Seattle police, but they were unable to find the laptop. The university said that while there’s no indication the information was accessed, the laptop has access to information about employees and their dependents enrolled in the university’s benefit plan.
The information was attached to an offline email cache file on the laptop, according to the university. The “main file of concern” was sent in an email to the employee in error by an outside vendor, which the university said was an isolated incident.
The university sent letters to those who may be affected on April 22, offering a one-year membership for an identity-theft and credit-monitoring service.
The university recently hired a director of cybersecurity and risk, who investigated the incident. University officials promised to enhance security procedures and said they’re redoubling efforts to encrypt data on all university laptops.
The incident follows data breaches at Washington colleges.
Last month, Washington State University agreed to pay up to $4.7 million in cash reimbursements and fees to settle a class-action lawsuit filed after a hard drive containing information of more than a million people was stolen from a self-storage locker in 2017.
Earlier this year, University of Washington Medicine announced that medical files of nearly 1 million patients were visible on the internet for at least three weeks in December because of an “internal human error.”
More information on the Seattle University incident, including a call center for those with questions, can be found on the university’s website.
©2019 The Seattle Times. Distributed by Tribune Content Agency, LLC.