Blog

Archive for July, 2010

Personal Info of 93,000 Exposed in University Data Breach

Saturday, July 31st, 2010

Buena Vista University announced that a database was compromised containing data such as names, Social Security numbers, and driver’s license numbers of 93,000 students, parents, current and former faculty and staff, alumni and donors dating back to 1987.

Had the information stored in the database been encrypted, the breach of the database would not have exposed the sensitive data.

Tags: , , ,
Posted in Security Breaches & Data Loss Incidents | 1 Comment »

Zeus Compromises Student Data at University of Oklahoma

Monday, July 12th, 2010

The University of Oklahoma has revealed that a laptop compromised by a variant of the Zeus botnet may have exposed or compromised sensitive information on OU students–including Social Security numbers. There are no further details yet available regarding the scope of the potential compromise. According to this blurb from KOCO.com, though, “OU officials said they are not aware of any instances of identity theft or similar problems as a result of the breach, but they said they can’t be certain that student information was not compromised.

One way that OU would be able to be certain that student information was not compromised is if the data stored on the laptop, or on servers the laptop has access to was encrypted. I am not sure why these incidents seem to occur almost exclusively at medical establishments and educational institutions, but simply investing in the proper security controls up front can save time, money, and embarrassment for the organization, as well as protecting the personal and sensitive information the organization has been entrusted with.

Tags: , , , , , ,
Posted in Security Breaches & Data Loss Incidents | No Comments »