Georgetown University Data Loss Affects 38,000 Students, Faculty, and Staff
Georgetown University in Washington, D.C. has alerted the public via a press release (http://explore.georgetown.edu/news/?ID=30979) of a data breach incident stemming from the loss of an external computer hard drive. The lost hard drive contained the personally identifiable information including names and social security numbers for approximately 38,000 current and former students, faculty, and staff.
Georgetown is offering free credit monitoring for those affected by this data loss incident. A toll-free telephone number (866-740-2458) has been setup to handle questions by those who may be affected by this information security breach. Georgetown is taking the correct steps in recovering from this incident.
However, it is still amazing to me with the current proliferation of portable storage devices such as external hard drives and USB memory sticks, that organizations don't put into place and enforce stronger IT policies to prevent storage of such sensitive data without any encryption on removable disks and/or memory media.
When will organizations learn to better protect the personally identifiable information they have been entrusted with by their clients, business partners, and employees? It is my hope this lesson is learned and these types of data loss incidents don't keep occurring.
Comments