University of Toledo, Two Stolen Computers, Unknown Number of Victims
Technorati Tag: Security Breach
Date Reported:
8/2/07
Organization:
University of Toledo
Contractor/Consultant:
None
Number Affected:
Unknown
Types of Data:
Name, Social Security number, and grade changes.
Breach Description:
Two computers from the University of Toledo's Department of Health and Rehabilitative Services were reported stolen in July, 2007. One the computer hard drives were the confidential and personally identifiable data.
Reference URL:
toledoblade.com/apps/pbcs.dll/article?AID=/20070802/NEWS21/70802036
Report Credit:
Toledo Blade
Commentary:
Unencrypted sensitive data on client machines. Sad but true.
Response:
From the article cited above:
"The letter sent by Lynn Hutt, UT’s compliance and privacy officer, said there is no indication the personal information was targeted in the theft and “we believe the risk is minimal.”
People are asked to lock office doors, use strong passwords, and save sensitive data on a secure university server rather than on personal computers or storage devices."
[Comfyllama] These are good tips that need to be included in policy and enforced through various administrative and technical controls.
Past Breaches:
None since August 2007
Date Reported:
8/2/07
Organization:
University of Toledo
Contractor/Consultant:
None
Number Affected:
Unknown
Types of Data:
Name, Social Security number, and grade changes.
Breach Description:
Two computers from the University of Toledo's Department of Health and Rehabilitative Services were reported stolen in July, 2007. One the computer hard drives were the confidential and personally identifiable data.
Reference URL:
toledoblade.com/apps/pbcs.dll/article?AID=/20070802/NEWS21/70802036
Report Credit:
Toledo Blade
Commentary:
Unencrypted sensitive data on client machines. Sad but true.
Response:
From the article cited above:
"The letter sent by Lynn Hutt, UT’s compliance and privacy officer, said there is no indication the personal information was targeted in the theft and “we believe the risk is minimal.”
People are asked to lock office doors, use strong passwords, and save sensitive data on a secure university server rather than on personal computers or storage devices."
[Comfyllama] These are good tips that need to be included in policy and enforced through various administrative and technical controls.
Past Breaches:
None since August 2007
Posts Atom 1.0
UPDATE ON THIS BREACH:
"University of Toledo professor accused in theft of hard drive" reported by Meghan Gilbert of The Toledo Blade. Read here: http://toledoblade.com/apps/pbcs.dll/article?AID=/20070807/NEWS02/70807039. The computers have still not been recovered.
Reply to this