9 Tips To Keep Your Personal Data Stored In The Cloud Secure
Hacker Group Announces Theft Of 12 Million Apple Mobile Device Identification Numbers

Data Breach At University Of South Carolina Affects 34,000 People

The University of South Carolina experienced a data breach on an Internet-connected computer in its College of Education. The university is notifying 34,000 people, whose sensitive personal information has been exposed. The breach was discovered on June 6.

The University's breach announcement did not list the specific types of sensitive personal information exposed/stolen:

"Files on the server contained confidential, personally identifiable information of approximately 34,000 individuals."

McClatchy news service reported that the sensitive personal information exposed/stolen included the names, addresses and Social Security numbers of staff, researchers, and student at the College of Education since 2005.

The university advised breach victims to check their credit reports at the three major credit reporting agencies (e.g., Experian, Equifax, and TransUnion), and to place a fraud alert on their credit reports. The university did not name the credit monitoring/resolution service it has retained to assist breach victims, nor if it will provide that service freely to breach victims.

Organizations usualyy provide a couple years of free credit monitoring services after data breaches like this. This is the sixth breach at the University of South Carolina. Prior breaches:

  • March 2011: 31,000 records exposed/stolen on 8 campuses affecting faculty, staff, retirees, and students
  • June 2008: 7,000 records exposed/stolen during an office theft at the Moore School of Business
  • September 2007: 1,482 students' files, including Social Security numbers, test scores, and grades, were exposed on an Internet-connect computer
  • August 2006: 6,000 current and former students' sensitive information was exposed/stolen
  • April 2006: 1,400 students' sensitive information, including Social Security numbers, was attached to and distributed in an email message by a faculty member

Given this poor history, the university's chief security officer and IT staff need to step up faculty/staff training and data security procedures at the school.

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.