Hacked: University of Colorado at Boulder Announces the Potential Exposure of 44,998 Names of Students and Their Social Security Numbers
The University of Colorado at Boulder has announced (http://www.colorado.edu/news/releases/2007/224.html) a data breach that has placed the names and Social Security numbers of 44,998 students at risk for identity theft (ID theft).
The intrusion on the computer server for the College of Arts and Science's Academic Advising Center, was discovered on May 12 by university IT security staff. Initial review indicated that an intruder was able to install a malicious program, known as a computer worm, on the affected computer server. At this time the university does not believe the personal information including social security numbers were accessed by the intruder. However, the university is providing a website with additional information for those affected students at: http://www.colorado.edu/its/security/aac052007/.
I agree, universities should foster a culture of openness and sharing, but must also balance the need for openness with robust information security governance and privacy protection programs.
Comments