As soon as the ITS department was made aware of the security problems for employee emails, corrective measures were taken, said Director of Information Technology Services Michael Schalip.
The security loophole allowed employees to view emails sent to many departments including Financial Aid, the Cashiers Office, and the Records Department. Many of these emails included private student information.
Every cyber-security issue concerning a FERPA dispute is taken very seriously by CNM, said Schalip.
Access to the department emails in Outlook for all work-study students and employees, except essential CNM personnel, was revoked within 30 minutes of the CNM Chronicle having discovered thousands of emails sent to many offices across campus, he said.
“All CNM employees take mandatory FERPA training and are expected to abide by FERPA regulations, but whether this incident would fall under a violation of FERPA, that is not clear,” said Schalip.
If an employee accesses a student’s record for reasons other than official CNM business, it would be a potential violation of FERPA on the part of the employee, he said.
There has not been such an incident to date at CNM, said Schalip.
Student Poll: “Do you know what FERPA is?”
Therese Sossman, Paralegal Studies
“I have an idea that it has to do with federal education funding.”
Chancey Begay, Culinary Arts
“Nah, never heard of that.”
Eve Bethoney, Liberal Arts
“I am aware of it, and I think it is a good thing and overall it would help everyone.”
