http://latimesblogs.latimes.com/lanow/2009/11/personal-data-of-cal-...

The Social Security numbers, home addresses and phone contacts for at least 300 students who applied for admission to Cal Poly Pomona six years ago were unintentionally disclosed online, the university said today.

The applicants were notified this week and urged to contact credit-reporting agencies, school official said.

The personal information, which did not include financial data, “was mistakenly put in a publicly accessible folder on a university server in November 2003," and Google and other search-engine companies mined the data, according to a statement released by Tim Lynch, senior media communications coordinator for Cal Poly Pomona.

Lynch said a maximum of 355 applicants could have been affected.

The file containing the applicants’ data was removed from the university server in November 2008, when it came to the attention of university officials that it was publicly accessible, Lynch’s statement said.

But school officials were unaware that “some of the contents of the file were retained in keyword indexes maintained by Google,” it added.

When a former student applicant notified the university on Aug. 20 that he’d come across his personal information while searching Google, the university contacted Google and asked the firm to purge the information from its servers. There was “no evidence or knowledge that any information was misused,” the university said.

All of the applicants whose information was potentially available on a public site were informed by mail on Tuesday. They were also encouraged to contact credit-reporting agencies. California residents are entitled to one free report annually.

“We take the protection of personal information very seriously and have taken remedial measures to try to ensure that this situation is never repeated,” Stephanie Doda, chief information officer at Cal Poly Pomona, said in the statement.