
	Publications and Policies

Miami University Documents

About Miami Middletown

Academics

Admission

Campus Offices

Continuing Education


	Home
	Search
	Calendar
	Site Map

Privacy Help

In May 2006, Miami University Middletown became aware that a personal digital assistant (PDA) containing the names and Social Security numbers of 851 students had been lost. The 851 students all attended Miami University Middletown between July 2001 and May 2006.

The missing PDA belonged to a staff employee at Middletown and was loaded with a calendar software program commonly used throughout the university for scheduling personal appointments. This employee put certain identifying student information and notes on her electronic calendar for informational purposes. Specifically, some of the entries on the calendar include students’ names, Social Security numbers and short notes regarding the purpose of the meeting.

Although the university obviously does not have access to the lost PDA, the information that was stored on it was also stored on the employee’s personal computer. By using the data on the computer, the university was able to contact every student who might have been affected.

“This incident involves a potential exposure of data and a potential breach of privacy that Miami takes very seriously and which we deeply regret,” said Miami Middletown Interim Dean Kelly Cowan. “I assure you that we have taken action to prevent this type of incident from happening again.”

Even though there was no indication that this information was being used for illegal purposes, it was strongly advised that the 851 affected students take steps to prevent this information from being used for identity theft purposes. We recommended that they immediately contact the three credit bureaus and ask that an initial fraud alert be placed on their file, including a statement that creditors should get their permission before opening any new accounts in their names. This entitled them to a free credit report that they should have requested and reviewed carefully in order to ensure that there was no fraudulent activity occurring with their credit.

The three credit bureaus may be contacted at:

1. Equifax: 1-800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241

2. Experian: 1-888-EXPERIAN (397-3742); www.experian.com; P.O. Box 9532, Allen, TX 75013

3. TransUnion: 1-800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA
92834-6790

If it appeared that there was unusual activity and that the activity might have been related to the missing data, the University made arrangements to help correct the identity theft on a one-on-one basis.

Students may call Miami University at (513) 727-3440 for more information on the security breach. Please note that Miami University will not be asking students to provide any personal information via phone, this website or any other communications they may receive.

Questions and Answers

Q. I received the notification via letter from Miami about the misplaced names and social security numbers. Does that mean someone stole my personal information and is using it in some way?

A. At this point, Miami has had no reports of unauthorized use of personal information as a result of the loss of the PDA. However, the names and corresponding Social Security Numbers have been lost so it is possible that it could be used in some illegal way.

Q. Exactly what personal information was potentially exposed? If I am a current student, was my information released?

A. The PDA included the names, Social Security numbers and some notes about the students that related to the reason for the meeting. The report only included information on 851 students attending Miami Middletown from July 2001 until May 2006. If you did not receive notification from Miami Middletown that your information was on the PDA, then your information is secure.

Q. Is this information still at risk of disclosure to some unauthorized person?

A. Unless and until the lost PDA is found, a risk still exists. That is why it is important for every student who could be affected to take the precautionary steps previously mentioned in the letter and on this web page.

Q. What has the university done to assure this won't happen again?

A. Miami University is implementing a program to eliminate all Social Security numbers from calendar software and PDAs throughout the entire university.

Miami Middletown is also scheduling a series of employee seminars on protecting student information.

Q. Who should I contact if I have any additional questions concerning this security breach?

A. Students or parents may call Miami University at (513) 727-3440.

Q. Will Miami contact me to ask for private information because of this event?

A. In similar cases at other institutions, people have reportedly been contacted by individuals claiming to represent the university and who then proceed to ask for personal information, including Social Security numbers and/or credit card information. Please be aware that Miami will only contact you with information regarding steps you should take to prevent possible fraud or identity theft; or if you ask us, by e-mail or telephone, for information. We will not ask for your full Social Security number. We will not ask for credit card or bank information. We recommend that you do not release personal information in response to any contacts of this nature that you have not initiated.

Identity Theft and Protecting Yourself

Identity theft occurs when someone uses another person's personal information such as name, Social Security number, driver's license number, credit card number, or other identifying information to take on that person's identity in order to commit fraud or other crimes.

Recommended Precautions

To avoid identity theft, the following precautions are recommended:

* Protect your Social Security number. Don't carry your Social Security card or other cards that show your SSN.

* Use caution when sharing personal information. Scam artists "phish" for victims by pretending to be banks, stores, or government agencies. They do this over the phone, via e-mail, and via postal mail.

* Treat your trash carefully. Shred or destroy papers containing your personal information, including credit card offers and "convenience checks" that you don't use.

* Protect your postal mail. Retrieve mail promptly. Discontinue delivery while out of town.

* Check your bills and bank statements. Open your credit card bills and bank statements right away. Check carefully for any unauthorized charges or withdrawals and report them immediately. Call if bills don’t arrive on time. It may mean that someone has changed contact information to hide fraudulent charges.

* Check your credit reports. Review your credit report at least once a year. Check for changed addresses and fraudulent charges.

* Stop pre-approved credit offers. Pre-approved credit card offers are a target for identity thieves who steal your mail. Have your name removed from credit bureau marketing lists. Call toll-free 888-5OPTOUT (888-567-8688).

* Ask questions. Ask questions whenever you are asked for personal information that seems inappropriate for the transaction. Ask how the information will be used and if it will be shared. Ask how it will be protected. If you're not satisfied with the answers, don't provide your personal information.

* Protect your computer. Protect personal information on your computer by following these security practices:
* Use passwords that make it as difficult as possible for an intruder to correctly guess what you've chosen.
* Use firewall, anti-virus, and anti-spyware software and update it regularly.
* Download software only from sites you know and trust and only after reading all the terms and conditions.
* Don't click on links in pop-up windows or in spam e-mail.

* Use the Web with caution. When shopping online, check out a website before entering your credit card number or other personal information. Read the privacy policy and take opportunities to opt out of information sharing. Enter personal information only on secure Web pages that encrypt your data in transit. You can often tell if a page is secure if "https" is in the URL or if there is a closed padlock icon on the browser window.

Additional Resources

If you have reason to believe your personal information has been compromised or stolen, go to the Federal Trade Commission website, www.consumer.gov/idtheft.
This website lists the steps you should take immediately.

Social Security Administration
SSA Fraud Hotline: 800-269-0271
www.ssa.gov

If you are the victim of a stolen Social Security number, the SSA can provide information on how to report the fraudulent use of your number and how to correct your earnings record. We encourage you to contact the Fraud Hotline immediately once you suspect identity theft.

The SSA website also provides tips on using and securing your Social Security number. SSA Publication 05-10064 provides additional advice for keeping your number safe.

ID Theft Clearinghouse
1-877-ID-THEFT (1-877-438-4338)
Call the ID Theft Clearinghouse toll free to report identity theft. Counselors will take your complaint and advise you how to deal with the credit-related problems that could result from identity theft.

Department of Justice
www.usdoj.gov/criminal/fraud/idtheft.html

Privacy Rights Clearinghouse—Identity Theft Resources
www.privacyrights.org/identity.htm

National Fraud Information Center Hotline
800-876-7060

Identity Theft Resource Center
858-693-7935


		©2007 \| Miami University Middletown \| Middletown, Ohio 45042 \| 513-727-3200 or 1-86-MIAMI-MID (tollfree) \| Feedback Form