KENTUCKY UNIVERSITY STUDENTS DATA STOLEN http://www.kentucky.com/mld/kentucky/news/14840588.htm

Academic and personal information of as many as 6,500 current and former University of Kentucky students was stolen late last month, making them vulnerable to identity theft, university officials said yesterday.

In letters, the university urged the affected students and alumni to review all credit card and financial information for suspicious activity.

This is the second time in less than a month that the university has reported the potential for identity theft. In a previous incident, the personal information of 1,300 current and former employees was accidentally made accessible on the Web for 19 days in May.

In the latest case, the information was on a flash memory drive, which a professor in the School of Human and Environmental Sciences left in a classroom. Portable flash drives, which are also called thumb or jump drives, can store as much information as acomputer hard drive.

The professor, who was not identified by the university, left the flash drive in a classroom in late April. He first thought he had misplaced it but later concluded it had been taken, said Jay Blanton, a spokesman for the university. The professor reported the theft to the UK police on May 26.

Officials do not think the flash drive was taken for its identity theft potential.

"It is our suspicion that a student may have taken the thumb drive in an attempt to steal a final exam," the university Office of Legal Counsel wrote in a letter to the students and alumni, which was sent yesterday. "However, we have no proof of that suspicion as well as no proof of possible identitytheft."

In the letter, the Office of Legal Counsel told students and alumni only that they had been contacted because they took a family studies course.

"This is a regrettable incident, and we are deeply sorry that it has occurred," Frank Butler, the executive vice president of finance and administration wrote in e-mail to the UK community about the theft. "We are doing everything possible to alert students and former students who may have been impacted."

Officials think the drive contained the students' names, their grades for the professor's classes and their Social Security numbers, which the university uses as identification. The university is in the process of creating a non-Social Security-based identifier for students.

The flash memory drive contained 130 files, but it is unknown how many of the 6,500 students' information was on the drive. As a precaution, the university decided to contact all of the students who were mentioned in some way on the professor's officecomputer, Butler said in the e-mail.

Officials learned of the flash drive theft on May 26, after the professor reported it to the UK police.

The university waited until yesterday to discuss the theft publicly because it was trying to find addresses for the students who may have been affected, Blanton said. Officials estimate that 15 percent of the 6,500 students are still at the university and the rest are alumni, he said.

The news made Travis Jacobs, a junior majoring in finance, uncomfortable, even though he isn't one of the 6,500 students who took a class with the professor.

"I've gotten my credit card stolen before, so I'm paranoid," he said.