IUP is continuing mitigation efforts after a data breach in 2020 that involved athletic cases monitored by the university’s athletic trainers.
A total of 2,014 people were affected by the unauthorized access to data in the Athletic Trainer System managed by Keffer Development Services. The information includes name, birthday, medical history, rehab information and sometimes social security numbers. Out of those impacted, 1,588 did not have their social security number exposed in the breach.
Keffer Development Services is working with the FBI in the investigation and IUP is following notification guidelines in the state’s Breach of Personal Information Notification Act and granting voluntary notification to the Department of Education’s Federal Student Aid Internet Gateway. While IUP has mailed out letters to 1,766 individuals, there are still some that they have not been able find addresses for. People affected are being offered free identity protection services.
