Files containing the personal information, which included names and social security numbers, was placed on the web server used for posting course syllabi and other academic information, the college said in a press release.
“Based on a review of server logs, it is unlikely that the files have been accessed since 2008, outside of college personnel. Although it’s possible that this data could have been accessed by unauthorized individuals on the web, campus officials say they have no direct evidence that it has been discovered or used by anyone maliciously”, the college said.
Once the administration discovered the files were posted on the public server, the files were removed and the server was taken down, the statement explained.
"We are notifying the affected students and faculty members as a precaution", said Bruce Scism, the college’s interim president. "We have contacted the major credit reporting agencies and informed them that some of our students’ and faculty member’s personal information may have been accessible. We want to err on the side of caution", he added.
"We regret what has happened and apologize for the inconvenience this may cause….Vol State is reviewing and changing [information security] processes in order to keep personally identifiable information in a secure environment. The college has already implemented several measures that should keep a problem like this from recurring", Scism concluded.