MU reports potential data breach on grad school applications

Marquette University seal

Marquette University seal

The university said it corrected a potential data breach from a glitch that provided online graduate school application access to anyone with Marquette log-in information.

This potential breach, reported Thursday by the Milwaukee Journal Sentinel, was found by a university employee. Access to graduate school applications is normally limited to select university officials, since the documents include Social Security numbers, dates of birth, addresses, test scores and financial information — all things that were potentially breached.

University spokesman Brian Dorrington told the Journal Sentinel that the breach was reported and fixed immediately after it was found.

“To the best of our knowledge, this information was accessed by a single individual — one Marquette employee — who promptly reported it to the university and we took immediate action to remove access to the documents,” Dorrington said in an email to the Journal Sentinel.

This potential breach was unlike the credit card breach that took place in September at Jimmy John’s stores — including the one on campus — which was a result of malware. Marquette’s breach was caused by an error in log-in settings.

The university apologized for the potential breach in a statement Thursday and suggested that affected persons sign up for free 90-day fraud alerts from major credit bureaus, such as Experian, Equifax and TransUnion. These credit bureaus work together so that when a fraud alert is placed on one bureau, it automatically is placed on the other two within 48 hours.

According to Equifax’s website, a 90-day fraud alert requires an individual’s credit lender to verify that the account owner has authorized transactions like opening a new credit account, increasing the credit limit on a pre-existing account or obtaining a new card on an existing account.

This article was updated on Oct. 20, 2014 at 7:59 p.m.