4,375 De Anza College Current and Former Students Personal Data on Stolen Laptop
Technorati Tag: Security Breach
Date Reported:
9/7/07
Organization:
De Anza College
Contractor/Consultant:
None
Victims:
Current and former De Anza College mathematics students
Number Affected:
4,375
Types of Data:
Name, address, grades, and Social Security numbers.
Breach Description:
A laptop was stolen from the home of a De Anza College mathematics instructor that contained sensitive personal information.
Reference URL:
http://www.nbc11.com/news/14063454/detail.html
http://www.mercurynews.com/crime/ci_6825076
Report Credit:
nbc11.com
Response:
From the online articles depicted above:
"De Anza College announced Thursday that thousands of former students might be at risk for identity fraud after an instructor's laptop computer, containing students' personal information, was stolen last month."
"The computer was stolen from the instructor's home on Aug. 24 and reported to the college on Aug. 27."
"The college has not released the instructor's identity."
[Comfyllama] Probably a good idea for his/her own safety.
"But the laptop and its personal information were password protected, according to a district spokeswoman, and there was no evidence that any of the information has been used."
[Comfyllama] But, so what!?! Who in their right mind believes that password protection is enough to protection by itself? No encryption = No protection as far as I am concerned.
""The district is concerned about protecting personal information," said Becky Bartindale, a spokeswoman for Foothill-De Anza Community College District. "There will be lots of discussions about this and quite possibly there will be changes made.""
[Comfyllama] Concern and discussions do NOT protect data. Sound security and business changes will. This statement makes me feel all wishy-washy.
Commentary:
Let me catch a thought here for a second, we have a mathematics instructor taking a laptop home that contains Social Security numbers on over 4000 students and the district "quite possibly" will make changes? I assume that Social Security numbers are used in this school as identifiers instead of student identification numbers. I also assume that taking confidential data out of the office on portable computing devices is not against De Anza policy and there are other faculty that do the same thing.
In this case, change is a good thing. Even a mandatory thing!
Past Breaches:
None
Date Reported:
9/7/07
Organization:
De Anza College
Contractor/Consultant:
None
Victims:
Current and former De Anza College mathematics students
Number Affected:
4,375
Types of Data:
Name, address, grades, and Social Security numbers.
Breach Description:
A laptop was stolen from the home of a De Anza College mathematics instructor that contained sensitive personal information.
Reference URL:
http://www.nbc11.com/news/14063454/detail.html
http://www.mercurynews.com/crime/ci_6825076
Report Credit:
nbc11.com
Response:
From the online articles depicted above:
"De Anza College announced Thursday that thousands of former students might be at risk for identity fraud after an instructor's laptop computer, containing students' personal information, was stolen last month."
"The computer was stolen from the instructor's home on Aug. 24 and reported to the college on Aug. 27."
"The college has not released the instructor's identity."
[Comfyllama] Probably a good idea for his/her own safety.
"But the laptop and its personal information were password protected, according to a district spokeswoman, and there was no evidence that any of the information has been used."
[Comfyllama] But, so what!?! Who in their right mind believes that password protection is enough to protection by itself? No encryption = No protection as far as I am concerned.
""The district is concerned about protecting personal information," said Becky Bartindale, a spokeswoman for Foothill-De Anza Community College District. "There will be lots of discussions about this and quite possibly there will be changes made.""
[Comfyllama] Concern and discussions do NOT protect data. Sound security and business changes will. This statement makes me feel all wishy-washy.
Commentary:
Let me catch a thought here for a second, we have a mathematics instructor taking a laptop home that contains Social Security numbers on over 4000 students and the district "quite possibly" will make changes? I assume that Social Security numbers are used in this school as identifiers instead of student identification numbers. I also assume that taking confidential data out of the office on portable computing devices is not against De Anza policy and there are other faculty that do the same thing.
In this case, change is a good thing. Even a mandatory thing!
Past Breaches:
None
Posts Atom 1.0
Comments