University officials have discovered that a student improperly stored sensitive third-party information on one of its servers in violation of UGA’s computer-use policy. An ongoing internal investigation has revealed that the violation, which was discovered March 10, is limited to a server in the New Media Institute.
Upon discovering the policy violation, the university immediately removed student files from the NMI server, securing the sensitive information, which appeared to belong to a North Carolina corporation. University officials are attempting to contact all affected parties, whose data was apparently collected by the corporation, to inform them of the exposure.
“The sensitive information located in the student’s file was not collected by UGA and does not contain or compromise student, faculty or staff records,” says UGA Provost Arnett C. Mace Jr. “At no time was any UGA data compromised.”
According to Scott Shamp, director of the NMI, the intended use of the server is to store portfolio materials students produce as coursework in the NMI. Upon graduation, they are able to share the material with prospective employers.
While in the past there has been no time limit on how long student materials are stored online once a student graduates, Shamp and UGA technology experts are planning to implement a 30-day policy immediately.