[Wildcat Online: News] [ad info]
classifieds

news
sports
opinions
comics
arts
discussion

(LAST_STORY) (NEXT_STORY)


Search

ARCHIVES
CONTACT US
WORLD NEWS

UA student info unaffected by Jobtrak security breach; university officals still worried

By Erin Mahoney
Arizona Daily Wildcat,
April 19, 2000
Talk about this story

UA student transcripts were not found among the hundreds of pages of personal information made available by a Jobtrak security breach, but university officials remain wary.

Jobtrak, a national, online job-listing vendor, has agreements with almost 1,000 institutions - including all three public universities in Arizona. UA's Career Services provides the university's information to the service.

"I am appalled at this," said Marie Rozenblit, UA Career Services director. "It should not have occurred. We were told it was a secure site."

The Arizona Daily Wildcat learned this week that a breach in Jobtrak's online File Transfer Protocol server made hundreds of student resumes and transcripts from universities nationwide accessible to third parties over the Internet.

Since 1999, UA students have been allowed to post resumes and other information for potential employers on Jobtrak's national database through the UA's extension service, CatTraks - part of Career Services.

UA students sign a release allowing the department to release their information to employers only, Rozenblit said.

"We want to make sure you say it's OK for us to send your resume off to employers," she added.

Jobtrak's privacy statement guarantees that student information is secure.

"Personal information collected by us is stored in secure operating environments that are not available to the public without your consent. We store the information securely at our business, and only designated employees may have access to it," it states.

But the Arizona Daily Wildcat obtained hundreds of student resumes and transcripts this week from students at the Massachusetts Institute of Technology, the Georgia Institute of Technology, Carnegie-Mellon University, the University of Southern California, the University of California-Los Angeles and the University of California-Berkeley by connecting to Jobtrak's FTP server.

Rozenblit said although the UA's agreement with Jobtrak can't be canceled automatically, she is worried.

"I'm concerned," she said. "We (UA) are going to be a lot more vigilant."

She said Jobtrak's actions were "not right," and added that her colleagues will feel the same way.

"I'm sure this will be the reaction of directors all over the country," she said.

Center for Computer Information Technology officials said CCIT will step in if a UA complaint is made.

"If someone were to make a complaint, we would turn the problem over to the UA lawyers and take steps to block it," said Ted Frohling, network principal systems programmer for CCIT. "But because it is not on UA servers there is nothing proactive that we can do about it."

UA spokeswoman Sharon Kha said she was unaware of the breach, but added that the university is "very concerned" with student privacy.

"It (the breach) is something we've really got to address quickly," she said.

Kha added that the leak is indicative of the future of technology-based universities.

"It's the inadvertent release of private information," she said. "It concerns me this is only one example of a whole new era we're moving into. This could happen 100 times a day at this university and at other universities."

Wildcat Online editor Joshua McClain contributed to this story.


(LAST_STORY) (NEXT_STORY)
[end content]
[ad info]