The affected files have been secured and HSU has verified it was a single email. It is unlikely the privacy and the personal information of other students have been breached, but a notification letter to them recommends obtaining a credit report as a precaution against unusual activity.
The letter to all potentially affected students details the incident, suggests precautions and informs students that the many information security procedures and practices the University has in place are being reviewed. Security measures are reassessed regularly for their effectiveness and enforcement.
The letter of notification explains that personal information was included inadvertently as an attachment to an email which was transmitted in response to a legitimate data request. The affected party alerted the university immediately and HSU verified that all copies of the file were removed from the system.
California residents are entitled to a free credit report annually. A report or fraud alert from one or more credit agencies is available at annualcreditreport.com. Periodic reviews are effective against identity theft.
The website of the Office of Privacy Protection of the California Department of Consumer Affairs posts helpful information concerning personal privacy. The address is privacy.ca.gov.
Anyone who may have been affected or who has follow-up questions is encouraged to dial the Humboldt State Information Security Office at 707/826-3815. Full information is posted at humboldt.edu/security.
The letter of notification is posted at humboldt.edu/letter312.html.