News & Features » Columns

Happytown: Bright Futures security breach

Private information belonging to nearly 200,000 students eligible for Bright Futures scholarships exposed in October

by and


Back when you were about to graduate from high school, we bet the future looked pretty bright – and if you got halfway decent grades, the state of Florida probably made it look even brighter with a Bright Futures award, a state lottery-funded scholarship disbursed to thousands of students each year.

Recently, though, some students who were eligible for those scholarships from 2005 through 2007 have been getting some pretty dim news. Private information about them, stored on a computer at Northwest Florida State College in Niceville, was exposed due to a security breach that's currently under investigation. Social Security numbers, names, addresses, birth dates and more belonging to 76,000 students who attended Northwest, as well as 3,000 of its employees, were put at risk, according to the Florida Department of Education, which says the security breach was identified during the first week of October. Northwest and the DOE sprung into action, notifying former students and employees via email and its website that they should check their credit reports and take action to secure their identities – job well done, right?

Not if you're one of the 200,000 additional students from across the state – all students who were eligible for Bright Futures scholarships between 2005 through 2007, not just students who went to Northwest – whose private information was also compromised. We're sure they'd be angry if they knew, but it seems like a lot of them aren't aware of it yet because they've long since graduated from college, moved, changed email addresses and, in general, gotten on with their otherwise bright futures.

Happytown contacted the state DOE to ask how it is that the information of so many students who'd never attended Northwest had been compromised by that school's security breach and what the plan for notifying them would be, but the DOE press office told us to check Northwest's website for information. We didn't find much – acknowledgment of the breach and some very helpful info for Northwest students, mostly. But if you didn't attend Northwest, there's just a phone number directing you to call the DOE (800-688-0656) if you want more information, or if you think you may be one of the unlucky couple of hundred thousand whose identities may be at risk. We talked to students who attended the University of Central Florida and the University of Florida in Gainesville who heard through the grapevine that their information may have been part of the security breach and have put flags on their credit reports. Neither, however, had heard about it from the DOE, which has told other media outlets that it could take a while to track down and notify all the students it'll need to reach.

How long? Nobody seems to know, nor do they seem overly anxious about it. Meanwhile, it only takes a few minutes for a loser who gets your Social Security number and birth date to apply for a T.J. Maxx credit card in your name. What a steal!