Press Release

Information for Some Vol State Students and Faculty Found Vulnerable on Web Server



Some 14,000 Volunteer State Community College students and faculty are being notified that some of their personal data was placed on a web server. Based on a review of server logs, it is unlikely that the files have been accessed since 2008, outside of college personnel. Although it’s possible that this data could have been accessed by unauthorized individuals on the web, campus officials say they have no direct evidence that it has been discovered or used by anyone maliciously.

There was no credit card or financial information in these files. This is not the main web server, but one where a course instructor would typically post course syllabi and other relevant academic information. A very limited number of faculty files were involved. The files contained names and Social Security numbers. The files were immediately removed from the web server. We want to reiterate that this information was not placed on Vol State’s main site, www.volstate.edu. The server in question has been removed from the web.

We believe that most of the affected students are former students. Some of our instructors serve as an adjunct instructor at other institutions, so some information posted included a limited number of students attending other institutions.

"We are notifying the affected students and faculty members as a precaution," said Bruce Scism, interim president. "We have contacted the major credit reporting agencies and informed them that some of our students’ and faculty member’s personal information may have been accessible. We want to err on the side of caution."

College officials recommend those on the list place a "fraud alert" on their credit files with the major credit bureaus. The alert is a free service that will request that creditors verify an individual’s identity before opening a new account. The college also created a web site at www.volstate.edu/securityID to make people aware of the situation and provide information to students about protecting their private information. In addition, all affected students will receive one-year of credit protection from Volunteer State Community College upon request.

"We regret what has happened and apologize for the inconvenience this may cause," Scism said. "Vol State takes the protection of personal information very seriously. The college had policies and employee training sessions regarding the protection of such information. Vol State is reviewing and changing those processes in order to keep personally identifiable information in a secure environment. The college has already implemented several measures that should keep a problem like this from recurring."

A phone number has been set up to handle calls about this matter. It is 615-230-3390. The website, with links to credit agencies, can be found at www.volstate.edu/securityID