Clik here to view.
Students data compromised at the University of Tampa
Every University has a data security policy in place and tries its best to secure confidential information of its students, alumni, staff and faculty. In spite of this, student data is getting compromised and private data getting misused. The recent data breaches at Missouri State University, University of South Carolina and Midland Tech shows that educational and student data is vulnerable and susceptible to compromise.
The University of Tampa breach
Private data of about 30,000 students and staff at the University of Tampa remained open on the Interne for anyone to see. The information was seen in the form of an file indexed by Google and displayed name and long string of numbers — social security number, student ID number and date of birth.
On Mar 13 some students were practicing advanced search techniques and that’s when they bumped on to this data. They immediately informed about this accident to the information technology department. This happened because the file got created as a back-up a new server was installed in July 2011 and in turn the file accidentally got indexed by the search engine.
Post-incident, Google has taken down this file and removed it from the cache.
What is UT doing post-breach?
The University plans to send a letter to students and staff regarding the breach. At the same time the students may contact the IT department to find out if they were on the list of those affected.
According to the University officials there is no evidence of the information being misused till date. Nevertheless, the University has offered to pay for fraud alert services for anyone who requires them.
Data breach history at the University of Tampa
Two other breaches were reported in January 2000 and July 2011 that had affected about 30,000 records related to faculty, students and staff.
As this is the third data breach in the University’s history, it is needless to say students at the downtown university are concerned about their data and authorities are having a hard time convincing students about data security policies.
Statements
According to Cpl. Bruce Crumpler, economic crimes division of the Hillsborough County Sheriff’s Office, “I’m not sure I can find words to express how worried they should be,”. “I think they should be very concerned.”
Paul Stephens, director of policy and advocacy for the Privacy Rights Clearinghouse in San Diego, adds further “This would be categorized as a major and critical breach because of the nature of the information,” he said. “Anytime Social Security numbers are involved, particularly in connection with dates of birth, those are the keys to the kingdom for an identity theft.”
Donna Alexander’s, vice president of information technology, take on the matter
“We took immediate action to take the files down so they would not be accessible any longer,” Alexander said. “We know the exposure is somewhat limited, but we are certainly concerned about any exposure whatsoever.” In this case there was a situation where the protective measures for that particular directory were not as tight as they should have been,” Alexander said.
Encrypt your data with Alertsec’s help and stay safe
Universities and educational institutes are now made aware about their data security and are implementing data encryption techniques. Alertsec uses encryption software to protect data from breaches and theft.
Alertsec Xpress is backed up by Check Point Full Disk Encryption and is used by over 4 million users worldwide, with single deployments exceeding 150,000 laptops and PCs. This is the most deployed software of its kind and is seen as today’s market leader.
