Southwestern Oregon Community College announces stolen laptop
Technorati Tag: Security Breach
Date Reported:
1/16/09
Organization:
Southwestern Oregon Community College
Contractor/Consultant/Branch:
None
Location:
Coos Bay, Oregon
Victims:
"current and former students"
Number Affected:
"approximately 200"
Types of Data:
"student record information"
Breach Description:
"COOS BAY, ORE - The privacy of hundreds of community college students is put at risk, after someone steals a laptop computer from the campus at Southwestern Oregon Community College."
Reference URL:
Southwestern Oregon Community College press release
KCBY Channel 11 News
Report Credit:
Southwestern Oregon Community College
Response:
From the online sources cited above:
On Thursday, a Southwestern Oregon Community College laptop was stolen from an office on the Coos Bay campus.
The new computer contained select categories of student record information for approximately 200 current and former students.
[Evan] I'm not sure how pertinent the "new computer" reference is and I don't know what data are included in "select categories of student record information". Hopefully the affected students get more detail.
Following our procedure, affected students have been contacted and their student records at SOCC have been put on a privacy hold to prevent unauthorized access.
[Evan] A privacy hold will only work if the information is used at SOCC, but won't do much at all if Social Security numbers and/or financial information is included in "select categories of student record information".
Extra measures of security are being put in place at the college, both to protect the affected students and to be proactive in preventing future thefts.
[Evan] Like what? Why do people use the word proactive when they do something reactive?
Staff and faculty have been emailed reminders regarding policies for handling information and computers.
Other technological security methods are being considered and pursued.
Press Release Date: January 16, 2009
Commentary:
I don't even know why SOCC decided to issue a press release if this is all of the information that they intend to disclose. This press release tells us little more than nothing.
Was the "new computer" encrypted? What personal information is included in "select categories of student record information"? What are the extra measures being put in place to protect against future thefts? What are the other technological security methods are being considered? Are there any administrative and/or physical controls being considered?
This press release is useless.
Past Breaches:
Unknown
Date Reported:1/16/09
Organization:
Southwestern Oregon Community College
Contractor/Consultant/Branch:
None
Location:
Coos Bay, Oregon
Victims:
"current and former students"
Number Affected:
"approximately 200"
Types of Data:
"student record information"
Breach Description:
"COOS BAY, ORE - The privacy of hundreds of community college students is put at risk, after someone steals a laptop computer from the campus at Southwestern Oregon Community College."
Reference URL:
Southwestern Oregon Community College press release
KCBY Channel 11 News
Report Credit:
Southwestern Oregon Community College
Response:
From the online sources cited above:
On Thursday, a Southwestern Oregon Community College laptop was stolen from an office on the Coos Bay campus.
The new computer contained select categories of student record information for approximately 200 current and former students.
[Evan] I'm not sure how pertinent the "new computer" reference is and I don't know what data are included in "select categories of student record information". Hopefully the affected students get more detail.
Following our procedure, affected students have been contacted and their student records at SOCC have been put on a privacy hold to prevent unauthorized access.
[Evan] A privacy hold will only work if the information is used at SOCC, but won't do much at all if Social Security numbers and/or financial information is included in "select categories of student record information".
Extra measures of security are being put in place at the college, both to protect the affected students and to be proactive in preventing future thefts.
[Evan] Like what? Why do people use the word proactive when they do something reactive?
Staff and faculty have been emailed reminders regarding policies for handling information and computers.
Other technological security methods are being considered and pursued.
Press Release Date: January 16, 2009
Commentary:
I don't even know why SOCC decided to issue a press release if this is all of the information that they intend to disclose. This press release tells us little more than nothing.
Was the "new computer" encrypted? What personal information is included in "select categories of student record information"? What are the extra measures being put in place to protect against future thefts? What are the other technological security methods are being considered? Are there any administrative and/or physical controls being considered?
This press release is useless.
Past Breaches:
Unknown
Posted by Evan Francen at 1/26/2009 5:39 PM 
Categories: Stolen Laptop, Southwestern Oregon Community College
Categories: Stolen Laptop, Southwestern Oregon Community College
Posts Atom 1.0
I cannot believe people we entrust our details with are so lax with our details. We are constantly being told to look after our details, don't share them and make your password hard to guess but then you create accounts with companies and they don't offer the same care to our details. A serious breach of security should be taken seriously.
Reply to this