Skip to Content, Navigation, or Footer.
Friday, Nov. 29, 2024
The Emory Wheel

Law School Alumni Personal Info Taken From Emory

Some Emory School of Law alumni's personal information has been used in a fraudulent manner, specifically to make loan applications to a private lender, as well as to possibly obtain other credit accounts and/or Emory academic transcripts, according to emails sent to law school students this month. The Emory Police Department (EPD) is investigating the matter.

EPD has not released any information about how many students were affected by the breach and how the information was obtained.

Emory Police are "involved in an ongoing, active criminal investigation," according to Senior Communications Officer Beverly Clark, who said she was also speaking on behalf of Emory Law School Dean and Asa Griggs Candler Professor of Law Robert Schapiro. She added that officers are currently working with the affected graduates, Emory Law personnel and others.

"It initially came to their attention when it was discovered that a few members had transcripts taken out in their name that they had not requested," Clark said.

The School of Law has taken a number of steps to ensure the privacy of all students in the Class of 2013 and to prevent an incident of this nature from happening again.

The law school will provide access to identity protection and credit monitoring services for all 326 members of the Class of 2013 through Kroll, Inc., a firm that mitigates identity theft risk and provides credit restoration services, Clark wrote in an email to the Wheel.

After the discovery of the breach, the Office of the Registrar, which is responsible for academic transcripts, required that requests for 2013 law student transcripts be made in person or by phone, Clark explained.

Additionally, the law school has advised the Class of 2013 to monitor its credit reports and take extra precautions to protect their personal information, according to Clark.

Since the breach, the Class of 2013 has received a letter sent via first-class mail to notify them about the issue. They were also sent a follow-up email, Clark explained.

Earlier this summer, the University notified students that there had been a breach of its information technology infrastructure. As a result, students, faculty and staff with an Emory username were required to change their password.

However, Clark said that there has been no evidence of a connection between the two incidents.

According to the Information Security Alert sent to the Emory community, the first breach may be linked to cyber attacks against other large organizations and academic institutions.

"I don't think identity theft or security breaches are in any way unique to Emory Law or Emory in general," first-year Emory Law School Matt Johnson said. "I'm sure the administration will do everything it needs to do."

– By Rupsha Basu

Corrections (10/1 at 3:06 p.m.): The original article said the information was "stolen" from Emory's online databases. However, it is actually unclear how the information was accessed, and it is currently under investigation. In addition, the original version said this was discovered in early September. This is incorrect; the investigation is active.