CHICO, Calif. - A data breach at Chico State University exposed the personal information of students who requested COVID-19 vaccination religious exemptions.
According to the Associated Press, the information was posted on an anonymous internet message board and leaked records for about 130 students.
In the report, a commenter on the message board linked a spreadsheet detailing explanations from students who requested to be exempt from getting the vaccine to attend school.
Several student names and phone numbers were also posted on the spreadsheet.
Some students didn’t feel like this was a big problem, while others said they were concerned.
“It’s not that big of a deal in my opinion,” Chico State student Brandon Weaver said. “I know it’s a HIPAA violation to get your personal medical information leaked. I wouldn’t care if someone knew I was vaccinated or not. That’s my take on it.”
“It’s weird to know that my information could also be out there,” Ava Paredes, another student, shared. “I feel like if other people have personal things on the information that they gave would be scary.”
The Associated Press said the spreadsheet shows about half of the requests in the document were approved.
The CSU vaccination requirement allows for medical and religious exemptions.
The school system requires its 56,000 faculty and staff and roughly 500,000 student body to be vaccinated against COVID-19.
Andrew Staples, the Public Relations Manager for Chico State, provided a statement to Action News Now. The statement is below:
Students’ medical and religious exemption requests are protected information. We are aware of the documents posted online and circulated among the media. We are investigating this incident, while also taking a number of proactive steps to protect students’ confidential information.