One of the areas where you can always expect to find data breaches is academia. For as long as I have been following data security news stories for this blog, data breaches involving a university setting has cropped up at least every six months. It makes sense, in a way: university settings generally tend to be more technologically advanced, with laptops being almost de rigeur, and a host of other electronic devices making it into the hands of young adults.
But, as the recent escalation of Northwest Florida State College’s data breach shows, data breaches generally tend to be associated with the institution itself, not the preponderance of students’ devices.
About 275,000 Students Affected
A data breach that lasted from May 2012 through September 2012 has affected nearly 300,000 students across Florida. Initially, it was thought to be contained to Northwest Florida State College’s employees (3,000 employee records were stolen); however, the investigation into the hack grew and now encompasses:
3,000 employee records that include information like direct deposit account numbers
76,000 records of current and former students at Northwest Florida State College that contain personal information
200,000 records that included names, SSNs, birthdates, etc., for any student eligible for the Bright Futures scholarships for 2005 – 2006 and 2006 – 2007
Crime in Progress
Unlike past instances where a disk full of sensitive data goes missing and nothing happens, this latest university data breach has shown some teeth: at least 50 people have already been victims of identity theft, with the most notable of them being the president of Northwest Florida State College.
“I recognize that this is a significant hassle for those whose information is used to commit identity theft,” stated [Northwest Florida State College President Ty ] Handy. “I was one of the first seven or eight to be hit personally and I have spent several hours on the phone working with my bank and others to protect myself. It is not an enjoyable experience and for that I apologize.” [heraldtribune.com]
As a victim of identity theft myself — although, granted, I had it better than most — I know how it feels…except that for me, it was an enjoyable experience. Well, not enjoyable per se, but it wasn’t as bad as it could have been.
Related Articles and Sites: