RCTC students birthdates released in data breach
RCTC students birthdates released in data breach
Erich Fisher, Post-Bulletin, Rochester, Minn.
Wed, May 5, 2021, 5:01 AM·1 min read
May 5—A data breach at Rochester Community Technical College was identified and remedied on March 31 after it was discovered that a third-party company had received the birthdates of 5,392 students.
No other personal information from students was released in the breach, said Nate Stoltman, executive director of communications, marketing and external relations at RCTC.
Affected students received notifications of its occurrence between April 1 and April 25.
The breach occurred on both April 4, 2020, and Oct. 29, 2020, when LexisNexis, the third-party company that received the birthdates, did its semester-annual public data request at RCTC and inadvertently received the information, Stoltman said.
The breach was discovered when the college's data compliance official determined LexisNexis, in its latest data request on March 29, 2021, requested non-public data. The official denied the request and then discovered the school had complied with the same request twice before.
The company assured the school that the information would be removed from its systems, he added.
A birth date plays a key role in scammers being able to acquire someone's social security number, according to AARP.com.
"With your name, address and birth date in hand, scammers may be able to buy your Social Security number on websites that normally sell them to businesses conducting background checks," AARP.com said. "If they can't, just by knowing your birth date and hometown, scammers can often guess most, if not all, the digits of your Social Security number."
Erich Fisher, Post-Bulletin, Rochester, Minn.
Wed, May 5, 2021, 5:01 AM·1 min read
May 5—A data breach at Rochester Community Technical College was identified and remedied on March 31 after it was discovered that a third-party company had received the birthdates of 5,392 students.
No other personal information from students was released in the breach, said Nate Stoltman, executive director of communications, marketing and external relations at RCTC.
Affected students received notifications of its occurrence between April 1 and April 25.
The breach occurred on both April 4, 2020, and Oct. 29, 2020, when LexisNexis, the third-party company that received the birthdates, did its semester-annual public data request at RCTC and inadvertently received the information, Stoltman said.
The breach was discovered when the college's data compliance official determined LexisNexis, in its latest data request on March 29, 2021, requested non-public data. The official denied the request and then discovered the school had complied with the same request twice before.
The company assured the school that the information would be removed from its systems, he added.
A birth date plays a key role in scammers being able to acquire someone's social security number, according to AARP.com.
"With your name, address and birth date in hand, scammers may be able to buy your Social Security number on websites that normally sell them to businesses conducting background checks," AARP.com said. "If they can't, just by knowing your birth date and hometown, scammers can often guess most, if not all, the digits of your Social Security number."