Virginia Tech‘s human resources department was breached and the hackers exposed sensitive information of about 145,000 job applicants, a university spokesman stated.
The university declared today that a computer server in the department was
accessed from an outside source Aug. 28.
Letters were sent over the weekend to about 17,000 people who applied for a job between the years 2003 and 2013 had put driver’s licence numbers on their applications for employment the university said.
Virginia law defines such information as private and requires that institutions notify people if such data is compromised.
The data leak wasn’t a failure in the university’s security system, according to the school’s spokesman, Larry Hincker.
“We have protections and protocols in place” to prevent hackers from accessing sensitive information, he said. “They were not followed. It was human error.” That error allowed a hacker or hackers to access a database containing a decade’s worth of applicant information.
Thus far officials can say that no social security numbers, credit card information or dates of birth were touched, according to the university.
“Faculty applicants are asked to provide minimal information on the online application, so no employment or education history was on the server. For staff applicants, employment and education history was on the server.”
Any applicants that provided their Drivers License number will be able to receive a full year of credit monitoring . This also includes 90-day alerts to intercept identity theft attempts.
“Applicants typically attach documents (resumes, for example) to their online application. No attached documents for any of the 144,963 individuals were on the server,” Tech stated.