What happened?
Has my personal information been stolen?
Why was information on this laptop? (updated 5/8/08)
Do you know who stole the laptop?
What steps did SunGard take in response to the incident? (new 5/8/08)
I have not received a notification about the privacy incident. Does that mean that I am not affected? (new 5/8/08)
Has anybody reported identity theft? (new 5/8/08)
What steps are being taken to prevent another similar incident? (new 5/8/08)
If I am affected, what should I do?
If I am affected, how do I set up credit monitoring?
Once I have my credit monitoring activation code, what do I do?
What company has been selected to provide credit monitoring? (updated 5/7/08)
I activated my credit monitoring membership before you extended to cover 2 years or 24 months. What do I need to do? (new 5/7/08)
Is there a deadline to register for the package of credit protection services? (new 5/8/08)
I am having trouble with the Experian website, what do I do?
How do I request a copy of my credit report (new 5/8/08)
What should I look for in my credit report?
What if I find a problem in my credit report? (update 5/3/08)
How do I place a fraud alert on my credit file? (new 5/8/08)
Can I extend a fraud alert placed on my credit file? (new 5/8/08)
How do I place a security freeze or credit freeze on my credit file? (new 5/8/08)
Will someone call me to confirm that my information has been stolen?
What happened?
A laptop belonging to a consultant at SunGard Higher Education was stolen on March 13, 2008. At that time, the theft was reported to law enforcement but the laptop has not been recovered. The laptop, however, was protected with a strong password. After a complex analysis of a backup of the computer, SunGard Higher Education found that the stolen laptop contained personally identifiable data. Security teams from affected institutions and SunGard Higher Education are working together to analyze and verify the data and notify affected individuals.
Has my personal information been stolen?
We are not aware of any misuse of personally identifiable information. Individuals affected by this incident are being provided with credit monitoring services through Experian. We encourage anyone concerned with protection of his or her identity to visit http://www.idtheftcenter.org.
Why was information on this laptop? (Updated 5/8/08)
The employee’s job included analysis of customer data as part of software implementation and upgrade projects. That being said, contrary to company policy, the laptop did contain unencrypted (readable) personally identifiable information.
Do you know who stole the laptop?
No, unfortunately the investigation did not result in identification of the thief or recovery of the laptop. Nevertheless, efforts to recover the laptop are ongoing.
What steps did SunGard take in response to the incident? (Updated 5/8/08)
Based on the complex nature of the data, a great deal of investigative and reconstructive work was needed before SunGard Higher Education could accurately identify and notify affected institutions and individuals. The most time consuming work involved the manual review of thousands of files.
I have not received a notification about the privacy incident. Does that mean that I am not affected? (New 5/8/08)
The majority of affected institutions have sent letters or email notifications to the affected individuals from their institutions. The majority of affected individuals should have received notices by now. If you did not receive a letter and remain concerned that you may have been affected, you may request information by calling our toll free hotline, 866.520.2408.
As our forensic analysis of the laptop back-up data continues, if new personally identifiable information is identified we will notify individuals as we receive that information.
Has anybody reported identity theft? (New 5/8/08)
To date, we have no confirmed reports of any misuse of personally identifiable information directly related to this laptop theft. We are providing a number of services to individuals affected by the laptop theft including call center support, website support, credit monitoring and recommending that individuals request and review a copy of their annual free credit report.
What steps are being taken to prevent another similar incident? (New 5/8/08)
This data breach was the result of policies and procedures not being followed. That is unacceptable and has prompted SunGard’s CEO to order a top-to-bottom review of information security policies and procedures encompassing all business units and corporate departments. SunGard is working proactively to assure that personally identifiable information, whether belonging to our customers or our employees, is protected from theft and accidental or unauthorized disclosure. SunGard has continued to take the steps necessary to minimize the likelihood of such an incident occurring again. Our desired goal is to develop and implement the best security measures in the industry. For more information regarding the Task Force created for this purpose please see “SunGard Creates Information Security Task Force."
If I am affected, what should I do?
Individuals affected by this incident are being provided with credit monitoring services through Experian. Please follow the instructions in the communications you have received to set up credit monitoring.
We encourage anyone concerned with protection of their identity to request a free credit report from one of the three major credit reporting agencies through www.annualcreditreport.com and review it for any irregularities or accounts that you don’t recognize. Since identity theft is a fast growing crime in the U.S., this is a good practice to do on a regular basis anyway. For instructions, please review the “Protecting Your Credit” section on this site.
If I am affected, how do I set up credit monitoring?
If the notification letter you received contains detailed instructions with a credit monitoring activation code, please follow those instructions.
If your notification letter does not include a credit monitoring activation code but does include a PIN either in the body of the letter or above your address block, please call the information center at 866.520.2408 to obtain your credit monitoring activation code.
Once I have my credit monitoring activation code, what do I do?
Please visit http://partner.consumerinfo.com/start and enter the nine character alpha numeric credit monitoring activation code you received either in your letter or from the information center. You will be instructed on how to initiate your online membership. Because this is a secure site, please note that there is no www in this URL.
What company has been selected to provide credit monitoring? (updated 5/7/08)
ConsumerInfo.com, Inc., an Experian® company has been selected to provide affected individuals with credit monitoring. This credit monitoring product known as Triple AlertSM will identify and notify members of key changes in your three national credit reports that may indicate fraudulent activity. SunGard Higher Education is now providing affected individuals who register with two years of credit monitoring support services. Memberships activated by affected individuals prior to 5/7/08 will automatically convert to a 24 month membership.
Complimentary 24 month membership for affected individuals includes:
- Monitoring all three credit files with Experian, Equifax® and TransUnion® – everyday
- Email alerts of key changes indicating possible fraudulent activity – within 24 hours
- Monthly “No Hit” alerts, if applicable
- Dedicated team of fraud resolution representatives for victims of identity theft
- $25,000 identity theft insurance with no deductible*
*Due to New York state law restrictions, identity theft insurance coverage cannot be offered to residents of New York.
Affected individuals have until August 1, 2008 to activate this membership, which will then continue for 24 full months. We encourage affected individuals to activate credit monitoring membership quickly.
I activated my credit monitoring membership before you extended to cover 2 years or 24 months. What do I need to do? (new 5/7/08)
Memberships activated by affected individuals prior to 5/7/08 will automatically convert to a two year membership. Experian will be contacting these individuals directly to notify them of the extended service.
Is there a deadline to register for the package of credit protection services? (new 5/8/08)
Yes. Individuals whose information was potentially exposed in connection with this incident are eligible for the SunGard Higher Education credit protection services support and should promptly consider whether they wish to register. The deadline to register for these services is August 1, 2008 or 90 days from the date on their notification letter, which ever is later.
I am having trouble with the Experian website, what do I do?
If you have received your credit monitoring activation code, have visited the correct site (yet are still having trouble), please contact Experian’s Toll Free Customer Care center at 866.252.0121.
How do I request a copy of my credit report? (new 5/8/08)
You can request a free copy of your credit report once a year from each of the three main credit bureaus through the Annual Credit Report Request Service by calling (877) 322-8228 or visiting www.annualcreditreport.com. Many people choose to stagger their requests so they receive a copy from one of the agencies every four months. Please visit Requesting a Copy of Your Credit Report for more information.
What should I look for in my credit report?
In your credit report, be alert for any suspicious activity. Look especially for any accounts you didn’t open and any charges you didn’t make. Look at the inquiries or requests section for names of creditors from whom you haven't requested credit. Look in the personal information section to confirm the accuracy of addresses where you have lived and your Social Security number. Any suspicious activity in these areas may be indications of a fraud attempt. Also be alert for calls from creditors or debt collectors about bills that you don't recognize and for unusual charges on your credit card bills.
What if I find a problem in my credit report? (update 5/3/08)
Individuals affected by the laptop theft are being provided with Credit Monitoring services through Experian. We strongly recommend that you activate your credit monitoring membership. If you find anything that looks wrong or suspicious, put your credit monitoring service to work and contact Experian. They will assign a case worker to help you. Experian is the only credit bureau that allows online disputes for fraudulent activity or if a consumer disagrees with an item on his or her credit report. In addition, SunGard Higher Education will work with law enforcement to investigate any suspected incidents of identity theft. Please call the information center at 866.520.2408 to report any such suspected activity.
How do I place a fraud alert on my credit file? (new 5/8/08)
By placing a fraud alert on your consumer credit file, you let creditors know to watch for unusual or suspicious activity in any of your accounts, such as someone trying to open a credit card account in your name. Please visit Placing a Fraud Alert on Your Credit File for more information.
Can I extend a fraud alert placed on my credit file? (new 5/8/08)
You may extend a free 90-day fraud alert by reinstating the alert when it expires. There is no limit to the number of times a free alert can be placed on your account, but the responsibility for reinstating the alert rests with you. Please visit Extending a Fraud Alert for more information.
How do I place a security freeze or credit freeze on my credit file? (new 5/8/08)
In most states you can put a “security freeze” on your credit file. A security freeze means that your file cannot be shared with potential creditors. Most businesses will not open credit accounts without first checking a consumer’s credit history. If your credit files are frozen, even someone who has your name and Social Security number would not likely be able to get credit in your name. Please visit Placing a Security Freeze for additional information.
Will someone call me to confirm that my information has been stolen?
SunGard Higher Education will NOT make personal phone calls to affected individuals about this incident. In other cases of identity theft, people have reportedly been contacted by individuals claiming to represent the affected organization and then proceed to ask for personal information, including social security numbers and/or credit card information. Please always be cautious if somebody asks you for your Social Security number, credit card information, bank information or other personal information in a call that you did not originate. We recommend that you do not release personal information in response to any contacts of this nature that you did not initiate yourself.
Because identity theft crimes are on the rise, we recommend that everyone in our higher education community understand the precautionary steps outlined on this website to help guard themselves against potential identity theft.
Other Resources:
Fraud Alerts, Security Freezes, and Other Information
Resource Links
The privacy of your personal information is important to SunGard. Visit SunGard’s Privacy Policy to learn how we respect your privacy.
Updated May 8, 2008