/ epic-fail

University of Florida Security Fail

I love it when, while rummaging around old websites, I find links to events that are relevant to the current day on accident. Today, I bring to your attention a security incident that happened at the University of Florida. Quite frankly, I’d love to break down the incident of what happened, but I really think the way the UF website puts it can’t be topped. Notes in italics were added by me.

The University’s Privacy Office was notified of a privacy breach which occurred in 2003, and was discovered on August 17, 2010. Specifically, an archive of class information was web accessible (meaning anyone who knew or could find the specific web address could read the information) and included names, addresses, social security numbers, and UFIDs. (Source: UFL Privacy Notice)

You read that correctly. The University of Florida had names, addresses, SSNs, and UFIDs (their unified login system) seemingly open to anyone who managed to stumble across it for seven years before it was found. Now, this is the definition of old news, but I’m a bulldawg through and through…. so simply allow me to say that the only words that come to mind are EPIC FAIL.