One recent grad forwarded Bwog the following email, which contains some bad news for the unluckiest 5,000 of you. Apparently, housing information that included names and social security numbers was accidentally posted online by a former student employee in February 2007.
Housing & Dining is very sorry, and has even bought you and your probably-stolen social security numbers an apology gift to make it up to you: “As an additional precaution, Columbia has arranged for you to receive a free two-year subscription to a credit monitoring service, Identity Guard CreditProtectX3SM. This service will provide you with a copy of your credit report, monitor your credit files at all three major credit bureaus and notify you of certain suspicious activities that could indicate identity theft.”
Full email after the jump.
UPDATE 11:32 PM: One Bwog operative calling himself “Person who’s SSN was exposed” has located via Google cache the Excel document that used to contain the SSNs and names in question. According to the aforementioned operative, the Excel document was created apparently in relation to “a HW for CS4733, aka ‘Computational Aspects of Robotics.'” Also, the Spec has published the story.
UPDATE 11:11 AM: A Bwog writer and SSN victim just called Student Services and the email is not, in fact, a scam. Sorry folks.
———- Forwarded message ———-
From: Student Services Assist <studentservices-assist@columbia.edu>
Date: Tue, 10 Jun 2008 19:25:55 -0400
Subject: Important Security Information
To: [redacted]
June 10, 2008
[Home address of recipient redacted]
“Dear [Redacted]:
On June 3, Columbia University’s Housing and Dining department was
informed that one archival database file containing the housing
information of approximately 5,000 current and former undergraduate
students was found on a Google-hosted website. Google removed this file,
at our request, that same day.
Columbia Public Safety investigators have concluded that this security
breach was unintentional. No financial data was included in the file in
question, and we have no evidence of wrongdoing or identity theft. It
appears that the file was inadvertently posted by a former student
employee in February 2007. Nevertheless, it is important for you to be
aware that your name and Social Security Number were included in the file.
We are very sorry for this occurrence.
Information security is a serious issue for us, as we know it is for you.
Columbia University is continually strengthening its measures to protect
Social Security Numbers where they are required in our systems. Housing &
Dining manually eliminated Social Security Numbers from its online room
selection process and contracts in April 2007. Further, in spring 2008,
Columbia Housing and Dining implemented a new software system to manage
and improve the housing assignment, contract, and billing processes which
also does not use Social Security Numbers. Unfortunately, this file was
uploaded prior to when these changes were made.
As an additional precaution, Columbia has arranged for you to receive a
free two-year subscription to a credit monitoring service, Identity Guard
CreditProtectX3SM. This service will provide you with a copy of your
credit report, monitor your credit files at all three major credit bureaus
(Equifax, Experian and Trans Union) and notify you of certain suspicious
activities that could indicate identity theft. You will receive additional
information about enrolling in this service in the next week.
If you do not wish to enroll in this service, you may still choose to
activate a fraud alert with the major credit bureaus, or periodically
request a credit report to look for potential irregularities and ensure
that no new accounts have been activated in your name. Each agency has an
automated fraud alert process. If you activate a fraud alert, the agency
you contact will notify the other two agencies so that those agencies also
can place fraud alerts on your accounts. In addition, each agency will
provide you a copy of your credit report at no cost. The contact
information for the credit agencies is as follows:
Equifax – (800) 525-6285 – www.equifax.com
Experian – (888) 397-3742 – www.experian.com
Trans Union – (800) 680-7289 – www.transunion.com
We sincerely apologize for the inconvenience this has caused you. Please
know that we take the protection of your identity seriously. We are
confident that the changes we have made since this file was posted have
made all students and alumni safer.
If you should have any questions or comments, please contact us by calling
1(888) 882-7331 or by emailing studentservices-assist@columbia.edu
(mailto:studentservices-assist@columbia.edu).
Sincerely,
Scott Wright
Vice President
Student Auxiliary & Business Services”
130 Comments
@gco columbia should put some funds into a identity theft insurance pool to cover the costs that will be incurred by any person whose ID is stolen as a result of this. that makes a lot more sense than giving 5,000 people credit monitoring subscriptions for an arbitrary period of time. if they really did spend north of a million dollars, wouldn’t it have been better to just set that aside? ex post, it allocates more money to the actual people who need it– namely, the people who actually have problems as a result of this. ex ante, it provides insurance to everyone, so we all sleep better, even though the vast majority of us are probably going to be fine. my SSN was posted, by the way
@out in the news http://www.nysun.com/new-york/columbia-students-outraged-by-online-privacy/79844/
@pwnt http://www.petitiononline.com/breach/petition.html see Signature #95.
@Sprinkles Why are we protecting the person who did this?
@Timing he should be expelled from CU if he’s still there. He just cost CU $1,560,000. ($13 ID service*24 months *5000)
@Timing You’re assuming that they are competent. Tisk Tisk!(A mistake many of us had made in the past.) If they were competent, they wouldn’t allow a pimple-faced student to download 5,000 SS# off their computers.
@timingPart2 Indeed, spoken wisely…those assumptions always get us in the end…
@timingPart2 don’t u think they would have cleaned up the google cache and whatever other traces, if they knew about this for longer than they say? apparently there was still stuff out there after they sent the two emails…
@Timing It is entirely coincidental that Columbia conveniently disclosed the breach after summer vacation started, when the affected students would not be in campus.
@fyi anyone ever stopped to think about how their identity could really be taken???
http://www.washingtonpost.com/wp-dyn/content/article/2008/06/11/AR2008061103759.html
@... lest future generations of CU students forget…
http://www.wikicu.com/Housing_SSN_scandal
http://www.wikicu.com/Category:Scandals
http://www.wikicu.com/Image:FedColumbiaCartoon.jpg
@retribution Someone should thank Mr. Hafemeister. Perhaps by purchasing
[firstname]hafemeister.com
and explaining the whole incident.
@I sure hope this http://www.gocolumbialions.com/ViewArticle.dbml?SPSID=43592&SPID=3876&DB_OEM_ID=9600&ATCLID=612091&Q_SEASON=2006 person’s employer doesn’t find out about his little boo-boo with highly private information.
@sh2125 CU removed the UNI sh2125. Also there’s no more sven’s on facebook anymore.
@Hahaha …Hafemeister
@Hahaha Sven…
@So if i say that a certain Mr. Hafemeister is the brainless culprit behind this mess, my post cannot be deleted. I leave it up to my brilliant Columbia colleagues to logically deduce the full name, as I have explicitly not posted it here.
@meh Sven is not a full name.
@j-grace i, for one, just can’t believe rob trump would do something like this.
@Anonymous I regret nothing.
Except posting my own information along with that of 4999 others. I regret that part.
@Delete this comment. His name is Robert Paulson. His name is Robert Paulson. His name is Robert Paulson. His name is Robert Paulson.
@Alum I’m a little surprised that the guy responsible hasn’t issued an apology or explanation for his actions, even an anonymous one, rather than just hiding behind the official email. Given the potential impact of his actions on those of us listed in the document, it doesn’t seem like too much to ask.
@perhaps Maybe he doesn’t know he’s being lynched on Bwog right now? Not everyone reads this thing, you know.
@meh probably the case. Apparently, BWOG only deletes posts with your entire name if you request it. We could all be really trashing Joe Blow, without his knowledge – and it won’t get deleted. Should I just e-mail BWOG now and ask that all posts in the past or future with my full name be deleted?
@Juli Really? Commenters 101 and 102, please see comment 97.
@meh I read comment 97 – which is what prompted me (#102) to write what I wrote. The comment was deleted because the named person asked for you to delete it. If he did not know his name was posted here, he would not have requested the deletion. So, if I start bashing Joe Blow, and he does not know it is on the BWOG, he will not request its deletion, and it will remain for all to see and ridicule him.
Also, Juli (if that is your real name), in the follow up BWOG post (http://bwog.net/articles/ssn_snafu_protests_go_digital#comments), you wrote in comment #20 that the ball is in “sven’s court” – since then, he has apparently requested deletion… maybe you should delete your post there since it has his first name.
@Juli “Sven” is not a full name. Comment 97 specifically stipulates that it must be a full name: “Two comments were deleted because they contained the full name of a certain someone who asked for them to be deleted.”
@anti-Site staff Juli, that’s a stupid policy. You should delete the previous four comments which obviously spell out someone’s full name. And probably the one with only a first name two. Otherwise, what’s the point?
@bahramewe Yeah, ’cause having your personal information spread around on the world wide interwebs without your permission sure is a bummer.
@Agreed... All posting his first name does is draw unwarranted hate to others named Sven.
There are (were) 3 on Facebook. Now there is two…said offender is not a part of them.
And honestly? How many SVEN’s do you know, including ones that go to Columbia? Using his name at all is just plain pointless…seeing as how its a rather distinct name.
@Haha Juli walked right into that one. I wonder if she’s gonna bit the bullet and admit she made a mistake.
@Juli Two comments were deleted because they contained the full name of a certain someone who asked for them to be deleted.
All future comments containing the name of that someone will also suffer the same terrible fate, so heads up everyone.
@Is there a way that we can completely eliminate the necessity of SSNs as identifiers except when *absolutely* necessary (e.g. finances)? We have other ways of being identified – UNIs, CUID numbers – and I feel like the phasing out of SSNs as identifiers should have been done long ago. But again, Columbia is years behind. Maybe this little mishap will whip them into shape.
@been done yep. it’s been done. the switch was completed by september 07 with the new id cards. it makes whining about “change” somewhat difficult when the “change” has now already been done, but this file was from before the switchover
@no response? Has anyone else tried emailing address Scott Wright included in his “apology?” I sent a message expressing my frustation with this fiasco and a request that the University offer the free, two-year trial of IdentityGuard CreditProtect to ALL THOSE AFFECTED, not just the handful of lucky “victims” that got this generous gift. It’s been about 36 hours and I haven’t heard a peep from Columbia.
@anyone else get tapped by the NY post and asked to comment/forward them the email?
@There is no... honest mistake to all this. Who in their right mind would EVER use confidential such as SS numbers for something as trivial a SCHOOL PROJECT? And has the gall to post it ONLINE?
This is just pure, blatant idiocy, plain and simple. Apparently instead of using random name and number generators, the person/party in question decides to use people’s ACTUAL names and ACTUAL SS numbers…and saw no potential ramifications for this.
And its great that its now known that we get two years of credit protection. That way, when the two years runs out, then 5000 of us can go right back to having our identities stolen. What a way to blow a couple million dollars.
Fuck Columbia. Fuck the idiot who put us in this position in the first place.
@Important Point While it’s clear that Google has taken down the Googlecode page for the class project at this point, it’s less clear to me that the googlecode files were publicly accessible. Do we know for sure that output.xls was actually downloadable without a login? Plus, it was downloaded only 4 times, i.e. perhaps only by members of the project itself? Moreover, if the code repository required a google account for access, there’d be a pretty clear record of who downloaded the file, no? With only four downloads, conceivably even if it were publicly accessible, Google at least has IP information if not Google Account information of those individuals. 16 months or not, I’m not yet sure this information actually got into the wrong hands.
@i say it's public considering that googlecode only hosts open source projects
@... fuck.
@alexw I’m taking their shitty credit protection scam bullshit just so I will cost the incompetent pinheads as much money as possible.
You should do the same.
@well if it costs student services its just going to cost the students more anyways, in programs and in competent staff
@DHI I agree 100% with this idea; you have to fuck with the cash of any of these organizations to make them give a shit. Obviously it’s destructive in any particular situation, but it’s good policy.
@ss# by the way – has anyone thought about what this mishap will cost CU? Credit protection is 12.99/month x 24 months x 5000 student =1.5 million. Even with a bulk discount this has gotta be costing Student Services >1mil
@Well not all 5000 Since they didn’t give it to me. Bah.
@OF COURSE i know many CS ppl who use that information to make predictions about the housing lottery.
though the SSN’s are not useful for that purpose, the number of ppl living in those suites are useful…
@i don't care who but i’d like to see some heads roll for this. seriously.
@if you google the project owner, you discover that he’s an athlete in SEAs. Figures.
@EAL You’re an idiot. Mindless bashing of the athletes is completely irrational and unrelated to the topic at hand.
@if you google cs4733 google code
You will get three hits. Click “cache” under the first or second one and you discover the possible culprit (the project owner)
@... i’m a bit of an idiot, so you’ll have to explain this to me…
what exactly does the housing office leaking a room assignments spreadsheet have to do with a homework for a graduate/senior class in computer science/engineering?
there’s no way in hell the school would ever release personal information to students for a project.
and there is really no connection whatsoever between robotics, a specific homework in a robotics class and a personal information spreadsheet put together by the housing office.
it’s time to either confirm and clarify or put this ridiculous rumor to bed.
@tada http://cc.msnscache.com/cache.aspx?q=73381023649685&mkt=en-US&setlang=en-US&w=8006b6d6,9ed441b4&FORM=CVRE9
@great... so there are 2 downloaded copies somewhere out in the public… gjdm/columbia
@correction 4 times.
http://cc.msnscache.com/cache.aspx?q=73424566345560&mkt=en-US&setlang=en-US&w=ea9b6e99,e55de10f&FORM=CVRE
@dude seriously?
@... wow…
only thing i can guess is that someone was working on some kind of export thingy for housing as a student job and one of the output files got mixed in with the homework.
moral of the story: do not ever write computer programs that name their output files “output.” it makes an excellent case study!
that said. hey bwog, what do you think about deleting all the comments that provide breadcrumbs back to the guy who made the mistake. granted, it was a grumble from me that got the stuff posted in the first place. but nevertheless, i think that having his name and employer up is not really cool and doesn’t really add anything interesting to the story. i guess you could argue it’s poetic justice, but c’mon, it seems awfully doubtful that anything malicious went down here.
@can anyone check... to see if the spreadsheet’s been cached on archive.org’s way back machine?
it usually saves those too… I’m sure columbia didn’t bother removing it from other indexes *facepalm*
@fuck this school my SSN is not producing a google hit for the spreadsheet on its own or when i search for it together with beds roster. so hopefully this suggests the thing has been properly removed now? (though the fact that anybody managed to get the spreadsheet to come up means columbia was not as successful at instantly removing the material as the email claims.)
also, SOMETHING FOR BWOG TO INVESTIGATE: is 2 years of credit-monitoring some kind of industry standard for what you need to be reasonably sure you’re not going to take it in the butt from some identity thief? or is it just what columbia decided they could get away with as a way to placate the 5000 people they completely screwed over?
also, why in god’s name did a student employee even have access to a file full of SSNs to being with? it seems like when the email says columbia is committed to protecting our personal data, they really mean, “RECENTLY committed to it, to a degree that may or may not actually make up for the previous disregard for that same enterprise”
@qqq Um, is a SSN technically confidential? It’s used for so many things (the reason why it’s useful for fraud) that it’s hardly a secret. Is there a law requiring companies to protect personal information? If so, can the company be held liable for one employee acting individually, probably against the terms of his employment contract?
@DHI “Um”
Yes, I am pretty sure that it is “technically confidential,” and that if you use your Social Security Number whoever you give it to has a responsibility to keep it confidential.
It would be an unbelievably bad system if there was a number that functionally needed to be confidential, but nobody was required to treat it as protected information.
@probably You can probably sue them for negligence and failure to keep confidential items securely. Though the lawyers of CU are an unholy army.
@well... you could try filing a ferpa complaint. get the gov’t on their ass.
@another "victim" Yeah I don’t think a lawsuit is the way to go. That is unless someone did steal your identity in the past year and somehow destroyed your credit. I just got a free credit report online and there isn’t anything on there that shouldn’t be. I suggest others do that too since who knows how speedy columbia will be with the credit monitoring service.
@unfortunately As of now we have no damages to claim in order to bring a suit against Columbia, nothing has happened, as infuriating as it is.
@Well Since the file is ‘beds_roster_0607’ I am going to assume that anyone living in Columbia housing that year is on it? Also, WHY were two different emails sent out, one with the free subscription and one without?
Bwog, please investigate
@.... i seriously feel like we are entitled to some sort of legal/financial recourse. Thoughts from the bwogosphere?
@I agree I do as well…lets get a petition going or something…lets find out if its real or not first though.
@EAL Unbelieveable. Just got the e-mail this morning. What a great way to start the day.
@cc07 I didn’t even get the email. I had to call, and they told me that my SSN was posted. Even if you didn’t get the email, you might want to call them just to check.
@This is infuriating Doesn’t anyone want to do anything about this? Class action lawsuit? I do.
@the Man '07 This seems suspicious….
http://blogs.tampabay.com/schools/2008/06/oops-uf-posts-s.html
What are the odds of UF having a student “accidentally” post SSN’s and addresses online…. Methinks this may be a recurring scam
@... my social security number is the cell phone number for a crane operator in the czech republic! no joke!
here’s the deal. you guys sue columbia and i’ll sue the crane operator! i’d say that both our cases have an equal shot at winning!
@umm. “Person who’s SSN was exposed”?
come, now.
@there's an easy way to put the debate about the legitimacy of the email to rest: our eager reporters here call Scott Wright and ask him directly whether he or his secretary sent this thing
@Google This is what shows up on the bottom of the search apge when I Google my SSN (no dashes or spaces):
http://i28.tinypic.com/2ey8h9e.jpg
@someone inside google is now saving every 9-digit search and cross referencing it with a database of columbia students.
Just their next step in taking over the world.
@i find it hard to believe some computer tech savvy guy didnt find this a hell of a long time ago.
16 months? just dont buy it.
@trust me plenty of people have already found this, and not all of them are computer tech savvy guys. Some, if not most, of them are far more likely random African/ Chinese/ Russian spammers and thieves.
@wow that’s so racist.
@moron Go read some security reports and find out which IP domains generate the most security threats. And shove your racism card back up your ass.
@also confused – How the hell is there no wrongdoing? Our SSN#’s were posted online since Feb.
@new numbers You can get new social security numbers, though it may require evidence that yours is being used by someone else. Not sure if this incident would allow us to get new numbers if we wanted to, but maybe.
@Ron Gejman I guess I’m lucky. I only get iTunes Music Store record identifiers for my SSN!
@ss# i just entered my number directly: 123456789 (no thats not my actual SS#). It was the last link on the bottom of the google search page.
@i get a bunch of web sites in foreign languages also. hah, i wonder if my number is all over the web being used by dirtbags, or maybe i’m just paranoid.
@confused Hmmm…I got the email (albeit the alternate version without the free two-year offer Identity Guard Creditprotect) and a google search of my SSN turns up nothing. A couple of points I don’t understand:
– Why is Student Services sending two versions of the “apology” email with varying offers? Does this have to do with the fact that I am an alumn or are they sending some kind of email to everyone regardless of whether their SSN was included in that file or not?
– Why was some student employee using sensitive data for some stupid comp-sci project?
@as an alum I got an email with the free two-year offer.
As a technically minded alum, if this turns out to be true (it already looks 50% legit, as my SSN does produce a result on Google), I intend to get to the bottom of this, and encourage any like-minded individuals to do so as well. Whichever retard did this deserves to have every bone in his hands to be broken.
@ss# I also want an explanation for why an employee used a confidential database for a school project. Talk about a lawsuit waiting to happen…
@ss# it’s real. for the people who got the e-mail, if you do a search with your SS# the google doc pops up.
@i try do i need spaces? dashes? nothing? i dont get hte document yet i got the email.
@Kubler-Ross Can’t wait till we reach the 2nd stage!
@rmb When did you change your home address? Before or after February 2007?
@Ron Gejman Also “if you are calling in regards to the recent security incident, please leave your name and phone number, blah blah.”
What is the real number for SS? Is it the same message?
@Ron Gejman I called. It goes to a voice mailbox for “Student Services” and says they are in only from 9-5.
@Yeah So who wants to call the number and see what it says?
Also, the mailing address at the top makes me suspicious. And finally, what website was this on that was hosted by google? Blogger, docs, in the achieves? where?
@Mariam Abacha CONFIDENTIAL
Dear Sir,
Good day and compliments. This letter will definitely come to you as a huge surprise, but I implore you to take the time to go through it carefully as the decision you make will go off a long way to determine the future and continued existence of the entire members of my family.
Please allow me to introduce myself. My name is Dr. (Mrs.) Mariam Abacha, the wife of the late head of state and commander in chief of the armed forces of the federal republic of Nigeria who died on the 8th of June 1998.
My ordeal started immediately after my husband’s death on the morning of 8th June 1998, and the subsequent take over of government by the last administration. The present democratic government is determined to portray all the good work of my late husband in a bad light and have gone as far as confiscating all my late husband’s assets, properties, freezing our accounts both within and outside Nigeria. As I am writing this letter to you, my son Mohammed Abacha is undergoing questioning with the government. All these measures taken by past/present government is just to gain international recognition.
I and the entire members of my family have been held incommunicado since the death of my husband, hence I seek your indulgence to assist us in securing these funds. We are not allowed to see or discuss with anybody. Few occasions I have tired traveling abroad through alternative means all failed.
It is in view of this I have mandated DR GALADIMA HASSAN, who has been assisting the family to run around on so many issues to act on behalf of the family concerning the substance of this letter. He has the full power of attorney to execute this transaction with you.
My late husband had/has Eighty Million USD ($80,000,000.00) specially preserved and well packed in trunk boxes of which only my husband and I knew about. It is packed in such a way to forestall just anybody having access to it. It is this sum that I seek your assistance to get out of Nigeria as soon as possible before the present civilian government finds out about it and confiscate it just like they have done to all our assets.
I implore you to please give consideration to my predicament and help a widow in need.
May Allah show you mercy as you do so?
Your faithfully,
Dr (Mrs.) Mariam Abacha (M.O.N)
N/B: Please contact Dr Galadima Hassan on this e-mail address for further briefing and modalities
@Ron Gejman EEk, Bwog can you fix those links to here http://bwog.net/index.php?page=post&article_id=3498 and here http://www.customtollfree.com/toll-free-reverse-lookup.html) respectively?
@Ron Gejman The SAME thing happened last year – and Bwog even covered it: [ external link to bwog.net ]
Same email address, but different phone number.
I did a lookup on the 888 number ( [ external link to http://www.customtollfree.com ] and found it registered under Paetec Communications. I thought, perhaps this is Columbia’s “registrar” for 888 numbers? So I tried finding other Columbia 888 numbers by searching on Google for “888” under columbia.edu. No luck, so no way to find out if Columbia uses Paetec.
The email headers look ok though… The email is being sent via a Columbia server.
@DHI If this is a scam, what you supposed to be doing?
I ain’t doing shit but complaining. If me complaining made anybody money, somebody would be rich.
@Well If this is spam I would actually be even more freaked out given that it had my home address at the top.
@Actually It has my old home address at the top of it, as I did in fact change it on SSOL. So I am leaning towards this being spam but also being somewhat true, because I have no idea where else someone would have gotten my uni and old home address unless there was some kind of security breach.
@And finally the email I got was different to the one posted on Bwog…it didn’t tell me I had a free subscription to anything:
‘As a precaution, we recommend you activate a fraud alert with the major credit bureaus, or periodically request a credit report to look for potential irregularities and ensure that no new accounts have been activated in your name. Each agency has an automated fraud alert process. If you activate a fraud alert, the agency you contact will notify the other two agencies so that those agencies also can place fraud alerts on your accounts. In addition, each agency will provide you a copy of your credit report at no cost. The contact information for the credit agencies is as follows:
Equifax – (800) 525-6285 – http://www.equifax.com
Experian – (888) 397-3742 – http://www.experian.com
Trans Union – (800) 680-7289 – http://www.transunion.com ‘
@the cute lolcat makes me feel somewhat better.
@Legal Is there any kind of legal action we can take? Columbia has done this before, done it now, and will do it again. Any thoughts?
@DHI I am at work right now making money for some identity thefter.
@DHI Fuck this, man.
I don’t give a shit if they know my “housing information.” Some asshole comes to where I live, well then at least I got a chance.
But social security number, damn.
Whose fucking idea was it to have some number that fucks you over if it goes public and makes it hard to get jobs if it ever changes?
@this annoys me farking columbia
even the adorable lolcat doesn’t make up for the fact i’m going to have to check my credit now
@we were pwned.
@wtf how do we know that this email isn’t a fraud??
@jon i called housing and they said “we only heard about it after a few students called in to tell us…” they suggested i call public safety.
public safety said that they just heard about it and they think its spam…
@jon SCAM rather…
meanwhile, someone knows all of our mailing addresses
@bwog? can you please try and verify this e-mail?
@ummm yeah.. because I got this and I was pretty freaking pissed off. But what if it is just some scam and the email to come later is a pishing email! It could be a very elaborate/brillant pishing scheme.
@ummm again and wait what the heck the email is from “Student Services Assist” … that definitely does not exist. Plus why would columbia have us calling an 888 number? Definitely fake.
@who loves how they wait to tell you until the end of the second paragraph? as if to prepare you for the blow, that you identity has been posted for the world’s leisurely viewing.
well, as a fellow poster has commented, free stuff is nice. even if it means that, because my identity has been stolen, my fake self out selling stolen cars somewhere will be using the loot instead of me.
@And It’s such a good job that they went to the trouble of making the IDs without SSNs on them, and waited for off campus flex, give that for the past year and a half everyone’s SSNs were apparently readily available!
@I love that... they had the file removed the day it was discovered. Good Work, although this quick action was somewhat trivial since it had been up for 16 MONTHS PRIOR.
@CC 07 Since Columbia issued me a fake SSN due to my lack of one, joke is on anyone that tries to use it.
@hate this school. hate it. You probably know you were among the 5000 if you got an email telling you so:
“Nevertheless, it is important for you to be
aware that your name and Social Security Number were included in the file.”
@how do we know if we were among the 5000?
@you know because they email you.
unfortunately they emailed me. :(
@CC'09 Why do current students not get a 2 yr subscription to that? Wtf?
@FREE! I’m all for free stuff. Hopefully I wasn’t among the 5,000, though.
@Ha... Columbia strikes again. Might as well tell us we’ve all caught meningitis and give us a “Cold Packet” as compensation.