Posted on: Saturday, June 18, 2005
UNIVERSITY OF HAWAI'I
ID theft warning issued by UH
By Beverly Creamer
Advertiser Education Writer
University of Hawai'i officials are contacting about 20 people in the UH library database whose personal information may have been compromised after learning that a former Sinclair library worker was indicted on federal charges of bank fraud stemming from identity theft.
To obtain free credit reports, links to additional information about identity theft and other safety measures, consult www.hawaii.edu/idalert. Last October, Deborah Jenkins was indicted on bank fraud charges relating to identity theft, according to the U.S Attorney's office, which has an ongoing investigation in the case.
The indictment arose from the woman's application for financial aid at UH and is not related to her activities as a university employee.
"We are taking this issue very seriously and strongly advise our staff, students, faculty and other affiliates associated with the university system to, at a minimum, obtain and review their credit report, which is now free under federal law," said David Lassner, UH chief information officer.
Jenkins worked at Sinclair library from January to August 2003, and had access to the library management database with names, Social Security numbers and addresses of staff, students, faculty and public patrons back as far as 1999. Personal information about students, faculty and staff is automatically loaded into the library database to give them access to the library.
The defendant's husband, Paul Jenkins, pleaded guilty to bank fraud in the same case, is in custody and is awaiting sentencing. But federal authorities say Deborah Jenkins is a fugitive.
U.S. attorneys said investigators knew last October when the indictments were returned that Deborah Jenkins had worked at the UH library.
But a UH spokeswoman said only within the past seven to 10 days did investigators inform the university of the potential jeopardy to 20 people in particular and potentially thousands of others.
"Nobody dropped the ball," said UH spokeswoman Carolyn Tanaka, associate vice president for external affairs, responding to a question about whether UH should have connected the dots last October and checked into what data Deborah Jenkins had access to in the library.
"When she was indicted, even though we knew she was working in the university, there was no evidence to indicate she had gotten any identity of anyone within the university," said Tanaka. "There was no reason to believe at that point, even though she had access to the system ... that the system could have been compromised."
Tanaka said federal investigators came to UH officials two weeks ago with information they had uncovered "that indicated to them she may be committing identity theft based on her access to the library."
It's because of that new information that the university has issued its alert to all faculty, staff, students, affiliates and patrons of its 10 campuses.
Tanaka said the university does criminal background checks on civil service employees hired by the 10-campus system, but it was not clear whether those hired for non-civil service positions are scrutinized as thoroughly.
"We do run background checks on people in sensitive positions, such as over at the Lab School and the childcare centers," said Tanaka. "Also if they handle certain kinds of material that's sensitive, either financial or environmental."
The U.S. Secret Service, which is also investigating the case, said Deborah Jenkins has a criminal record.
She was hired at first as a student assistant, said Tanaka, and also as a library assistant on an emergency hire basis.
With the assistance of the U.S. Attorney's office and the Secret Service, the university is continuing to try to assess whether Jenkin's access to personal information at UH may have been used in any cases of identity theft involving the university database.
"Security breaches of personal information are a growing national problem that has been hitting major data consolidators, financial institutions and colleges and universities," said Lassner.
Just two weeks ago, the state Department of Education also issued an alert regarding identity theft after seven computers were stolen from DOE offices. The computers may have contained some personnel information about some current and former employees, the DOE has said.
According to investigators, Jenkins applied for financial aid, using her own name plus the name, Social Security number and address of another person who lives on the Mainland as a co-applicant. When that individual began receiving information about the supposed loan, which then turned up on his credit record, he informed authorities of the suspected fraud.
UH officials said the university has been working to strengthen its policies and procedures to protect sensitive information and has instituted the use of a new unique identification number for all students, faculty and staff.
The use of Social Security numbers is being phased out in all non-essential activities.
Reach Beverly Creamer at bcreamer@honoluluadvertiser.com or 525-8013.
UH officials also are encouraging the thousands of current and former students, faculty, staff, affiliates and patrons of any of the system's 10 campus libraries between 1999 and 2003 to check personal credit reports and monitor personal accounts for unusual activity.
Learn more